Good morning, everyone. I'm on a short-term contracting gig, trying to patch some vulnerabilities in their legacy code. The application I'm working on is a combination of Classic ASP(VBScript) and .Net 2.0 (C#). One of the tools they have purchased is Fortify 360. Let's say that this is a current classic ASP page in the application: <%@ Language=VBScript %> <% Dim var var = Request.QueryString("var") ' do stuff Response.Redirect "nextpage.asp?var=" & var %> I know, I know, short and very dangerous. So we wrote some (en/de)coders and validation/verification routines: <%@ Language=VBScript %> <% Dim var var = Decode(Request.QueryString("var")) ' do stuff if isValid(var) then Response.Redirect "nextpage.asp?var=" & Encode(var) else 'throw error page end if %> And still Fortify flags this as vulnerable to Header Manipulation. How or what exactly is Fortify looking for? The reason I suspect that Fortify is looking for specific key words is that on the .Net side of things, I can include the Microsoft AntiXss assembly and call functions such as GetSafeHtmlFragment and UrlEncode and Fortify is happy. Any advice?