Skip to main content

Home/ Agency Oasis Developers/ Group items tagged encryption

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
mgraber

ASP.NET View State Overview - 0 views

msdn.microsoft.com/...bb386448.aspx

cross-site scripting

shared by mgraber on 15 Nov 11 - No Cached
  • mgraber on 15 Nov 11
     
    "Encrypting View State Although MAC encoding helps prevent tampering with view state data, it does not prevent users from viewing the data. You can prevent people from viewing this data in two ways: by transmitting the page over SSL, and by encrypting the view state data. Requiring the page to be sent over SSL can help prevent data-packet sniffing and unauthorized data access by people who are not the intended recipients of the page. However, the user who requested the page can still view the view state data because SSL decrypts the page to display it in the browser. This is fine if you are not concerned about authorized users having access to view state data. However, in some cases, controls might use view state to store information that no users should have access to. For example, the page might contain a data-bound control that stores item identifiers (data keys) in view state. If those identifiers contain sensitive data, such as customer IDs, you should encrypt the view state data in addition to or instead of sending the page over SSL. To encrypt the data, set the page's ViewStateEncryptionMode property to true. If you store information in view state, you can use regular read and write techniques; the page handles all encryption and decryption for you. Encrypting view state data can affect the performance of your application. Therefore, do not use encryption unless you need it. Control State Encryption Controls that use control state can require that view state be encrypted by calling the RegisterRequiresViewStateEncryption method. If any control in the page requires that view state be encrypted, all view state in the page will be encrypted. Per-user View State Encoding If a Web site authenticates users, you can set the ViewStateUserKey property in the Page_Init event handler to associate the page's view state with a specific user. This helps prevent one-click attacks, in which a malicious user creates a valid, pre-filled Web page with view state from a pre
mgraber

Encrypting Connection Strings in Web.config - O'Reilly Media - 0 views

www.ondotnet.com/...encryptingconnstring.html

encrypting web.config

shared by mgraber on 09 Jun 09 - Cached
  • mgraber on 09 Jun 09
     
    Encrypting Connection Strings in Web.config
ckhatri

Query String Module - 0 views

madskristensen.net/...r-query-string-encryption.aspx

query string encryption decryption post forms

shared by ckhatri on 13 Oct 11 - Cached
  • ckhatri on 13 Oct 11
     
    A very simple module that allows you encrypt and decrypt query string parameters. Source code is given, so it is extendable.
Matt DeGennaro

Online tool to create keys for view state validation and encryption - 0 views

aspnetresources.com/...machineKey

.net machineKey

shared by Matt DeGennaro on 03 Dec 10 - No Cached
  • Matt DeGennaro on 13 Apr 11
     
Mark Ursino

jsCrypto - 1 views

crypto.stanford.edu/sjcl

javascript encryption

shared by Mark Ursino on 11 May 10 - Cached
  • Mark Ursino on 11 May 10
     
    Fast symmetric cryptography in Javascript
1 - 8 of 8
Showing 20 items per page