A DataView defines a presentation of the data in a DataTable that can include custom filtering and sorting settings. You can configure these settings by using the DataView’s properties, such as Sort and RowFilter. You can use them to specify what data you’ll see through the view, but they don’t affect the actual data in the …
asp.net 3.5
The DataSet, the heart of disconnected data access, contains two important parts:
– Collection of zero or more tables exposed through the Tables property.
– Collection of zero or more relationships that you can use to link tables together, exposed through the Relations property.
The next picture presents the basic structure of the DataSet:
When you need to extract records from a database and use them to fill a table in a DataSet, you should use the ADO.NET DataAdapter object. Because the DataAdapter is a provider-specific object, there is a separate class for each provider: SqlDataAdapter, OracleDataAdapter, and so on. The DataAdapter works as a bridge between a single DataTable in …
A threat to file access is known as path canonicalization. Canonicalization is the process of converting data into a standard (or canonical) form; here it refers to the action that builds a path in a safe form. The next picture shows this process:
How to handle and display user input to protect ASP.NET web application from XSS in VB.NET
Cross-site scripting (or XSS) is the most insidious kind of attack because it’s quite often invisible at first glance. XSS is based on some code (markup or JavaScript) that is injected into your page. The most common case involves content that’s saved in a database after end-user input and then loaded in a page. The next …
How to handle and display user input to protect ASP.NET web application from XSS in C#
Cross-site scripting (or XSS) is the most insidious kind of attack because it’s quite often invisible at first glance. XSS is based on some code (markup or JavaScript) that is injected into your page. The most common case involves content that’s saved in a database after end-user input and then loaded in a page. The next …
You can use the approach described in the article “How to handle improper parameter values in ASP.NET in VB.NET” to create a blocking engine to handle and improve parameter values. You should manage invalid requests and notify the client about any invalid parameters that were passed in. You should reply to the request using one of the specific error …
You can use the approach described in the article “How to handle improper parameter values in ASP.NET in C#” to create a blocking engine to handle and improve parameter values. You should manage invalid requests and notify the client about any invalid parameters that were passed in. You should reply to the request using one of the …
How to handle improper parameter values in ASP.NET in VB.NET
You should be careful with the values that arrive in HTTP requests, because improper values are dangerous. These values can alter the behavior of your application, generate runtime exceptions, and expose the error details to an attacker. You need to inspect these values and protect your application by using a unified approach to sanitize them.
You can improve the security …