Group items tagged
Building Secure ASP.NET Pages and Controls - 0 views
-
"view state"
Security Guidelines: ASP.NET 2.0 - 0 views
ASP.NET View State Overview - 0 views
-
"Encrypting View State Although MAC encoding helps prevent tampering with view state data, it does not prevent users from viewing the data. You can prevent people from viewing this data in two ways: by transmitting the page over SSL, and by encrypting the view state data. Requiring the page to be sent over SSL can help prevent data-packet sniffing and unauthorized data access by people who are not the intended recipients of the page. However, the user who requested the page can still view the view state data because SSL decrypts the page to display it in the browser. This is fine if you are not concerned about authorized users having access to view state data. However, in some cases, controls might use view state to store information that no users should have access to. For example, the page might contain a data-bound control that stores item identifiers (data keys) in view state. If those identifiers contain sensitive data, such as customer IDs, you should encrypt the view state data in addition to or instead of sending the page over SSL. To encrypt the data, set the page's ViewStateEncryptionMode property to true. If you store information in view state, you can use regular read and write techniques; the page handles all encryption and decryption for you. Encrypting view state data can affect the performance of your application. Therefore, do not use encryption unless you need it. Control State Encryption Controls that use control state can require that view state be encrypted by calling the RegisterRequiresViewStateEncryption method. If any control in the page requires that view state be encrypted, all view state in the page will be encrypted. Per-user View State Encoding If a Web site authenticates users, you can set the ViewStateUserKey property in the Page_Init event handler to associate the page's view state with a specific user. This helps prevent one-click attacks, in which a malicious user creates a valid, pre-filled Web page with view state from a pre
Brower Stack - 0 views
-
A web app that allows you front end cross browser testing.
Online Meeting, Web Conferencing, Desktop Sharing and Remote Support with Mikogo - 0 views
-
Mikogo is an easy-to-use cross-platform desktop sharing tool, ideal for web conferencing, online meetings or remote support. And it's FREE for both commercial and private use.
Web Fonts: Custom fonts using @font-face, cross-browser font embedding - 0 views
-
Typotheque Web Font Service
How To: Protect From Injection Attacks in ASP.NET - 0 views
-
"How To: Protect From Injection Attacks in ASP.NET"
Know who to hire to help fix PCI compliance issues on a client's website? - 0 views
-
"Know who to hire to help fix PCI compliance issues on a client's website?"
asp.net - ViewStateUserKey isn't preventing CSRF? - Stack Overflow - 0 views
-
"ViewStateUserKey isn't preventing CSRF?"
Take Advantage of ASP.NET Built-in Features to Fend Off Web Attacks - 0 views
-
"Take Advantage of ASP.NET Built-in Features to Fend Off Web Attacks"
List.js - Add search, sort and flexibility to plain HTML lists with cross-browser nativ... - 0 views
-
A plugin that makes your plain HTML lists super flexible, searchable, sortable and filterable
« First
‹ Previous
41 - 55 of 55
Showing 20▼ items per page