The Cross-Site Scripting (XSS) FAQ - 0 views
Microsoft Asp.net version 3.5 : Security vulnerabilities - 0 views
-
"ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks against the form control via the __VIEWSTATE parameter"
Building Secure ASP.NET Pages and Controls - 0 views
-
"view state"
Security Guidelines: ASP.NET 2.0 - 0 views
ASP.NET View State Overview - 0 views
-
"Encrypting View State Although MAC encoding helps prevent tampering with view state data, it does not prevent users from viewing the data. You can prevent people from viewing this data in two ways: by transmitting the page over SSL, and by encrypting the view state data. Requiring the page to be sent over SSL can help prevent data-packet sniffing and unauthorized data access by people who are not the intended recipients of the page. However, the user who requested the page can still view the view state data because SSL decrypts the page to display it in the browser. This is fine if you are not concerned about authorized users having access to view state data. However, in some cases, controls might use view state to store information that no users should have access to. For example, the page might contain a data-bound control that stores item identifiers (data keys) in view state. If those identifiers contain sensitive data, such as customer IDs, you should encrypt the view state data in addition to or instead of sending the page over SSL. To encrypt the data, set the page's ViewStateEncryptionMode property to true. If you store information in view state, you can use regular read and write techniques; the page handles all encryption and decryption for you. Encrypting view state data can affect the performance of your application. Therefore, do not use encryption unless you need it. Control State Encryption Controls that use control state can require that view state be encrypted by calling the RegisterRequiresViewStateEncryption method. If any control in the page requires that view state be encrypted, all view state in the page will be encrypted. Per-user View State Encoding If a Web site authenticates users, you can set the ViewStateUserKey property in the Page_Init event handler to associate the page's view state with a specific user. This helps prevent one-click attacks, in which a malicious user creates a valid, pre-filled Web page with view state from a pre
validate.js - 0 views
-
Lightweight JavaScript form validation library
Minimit Gallery Plugin - 0 views
-
Minimit Gallery is a highly customizable Jquery plugin that does galleries, slideshows, carousels, slides… pratically everything that has multiple states.
Amazium - The responsive web framework..! - 0 views
-
Amazium is a CSS framework that handles the most tricky and time-consuming parts of creating responsive websites.
Moment.js - A lightweight javascript date library - 0 views
-
A lightweight javascript date library for parsing, manipulating, and formatting dates.
Pingdom Tools - 0 views
-
Test the Load Time of a Web Page
jQuery Countdown - 0 views
-
Countdown plugin
Gridlover - 0 views
-
Gridlover is the tool to establish a type system with modular scale and vertical rhythm to build upon.
jQuery News Ticker - 0 views
-
Taking inspiration from the BBC News website ticker, jQuery News Ticker brings a lightweight and easy to use news ticker to jQuery
Slider.js: Slideshow with jQuery, CSS Transitions and Canvas - 0 views
-
Slideshow with jQuery, CSS Transitions and Canvas
Embed SWF: Easily embed Flash files in a web page. - 0 views
-
SWFObject configurator
« First
‹ Previous
341 - 360 of 2284
Next ›
Last »
Showing 20▼ items per page