The Missing Stat: noscript - 0 views
Cache Tuner User Guide - 0 views
Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet - OWASP - 0 views
-
"Viewstate (ASP.NET) ASP.NET has an option to maintain your ViewState. The ViewState indicates the status of a page when submitted to the server. The status is defined through a hidden field placed on each page with a control. Viewstate can be used as a CSRF defense, as it is difficult for an attacker to forge a valid Viewstate. It is not impossible to forge a valid Viewstate since it is feasible that parameter values could be obtained or guessed by the attacker. However, if the current session ID is added to the ViewState, it then makes each Viewstate unique, and thus immune to CSRF. To use the ViewStateUserKey property within the Viewstate to protect against spoofed post backs. Add the following in the OnInit virtual method of the Page-derived class (This property must be set in the Page.Init event) protected override OnInit(EventArgs e) { base.OnInit(e); if (User.Identity.IsAuthenticated) ViewStateUserKey = Session.SessionID; } The following keys the Viewstate to an individual using a unique value of your choice. (Page.ViewStateUserKey) This must be applied in Page_Init because the key has to be provided to ASP.NET before Viewstate is loaded. This option has been available since ASP.NET 1.1. However, there are limitations on this mechanism. Such as, ViewState MACs are only checked on POSTback, so any other application requests not using postbacks will happily allow CSRF. "
Sitecore Users Virtual Group - 1 views
-
Latest cool prototypes from Sitecore US lab Alex Shyba Solution Architect Sitecore Oct 19, 2011 Noon Pacific, 3:00 PM Eastern, 8:00 PM UK. Alex will be showing some of the latest Shared Source components that he has been working on. Alex Shyba has been with Sitecore for more than 6 years. His primary role is helping implementation partners in North America build successful solutions on Sitecore platform. Whenever he is not reading car magazines, Alex enjoys exploring dark corners of Sitecore by reading kernel code from Reflector and building cool prototypes. Alex maintains one of the oldest Sitecore blogs at http://sitecoreblog.alexshyba.com/ where he shares his ideas about ways to implement Sitecore and provides recommendations on various aspects of the product. You can connect with Alex on Twitter @alexshyba. Video from the presentation
Infragistics - User Interface Components - 0 views
Ten more CSS tricks you may not know - 0 views
YouTube - mobilephone2003's Channel - 0 views
Sitecore Best Practices: Usability and User Acceptance - 0 views
Vid.ly - Support Mobile and Browser - 1 views
Super User - 0 views
« First
‹ Previous
41 - 57 of 57
Showing 20▼ items per page