You can use approach described in the article How to handle improper parameter values in ASP.NET in C# to create a blocking engine to handle and improve parameter values. You should manage invalid requests and notify the client about any invalid parameters that were passed in. You should reply to the request using one of the …
asp.net 4.0
How to handle improper parameter values in ASP.NET in VB.NET
You should take care about the values coming with the HTTP requests, because improper values are dangerous. These values can alter behavior of your application, generate runtime exceptions, and expose the error details to an attacker. You need to inspect these values and protect your application, by using a unified approach to sanitize them.
You can improve the security …
You should take care about the values coming with the HTTP requests, because improper values are dangerous. These values can alter behavior of your application, generate runtime exceptions, and expose the error details to an attacker. You need to inspect these values and protect your application, by using a unified approach to sanitize them.
You …
The article How to hide URL query information in ASP.NET in VB.NET describes a class named EncryptedQueryString which is used in the next example to illustrate how you can use it in your projects. You have to build two web pages:
– The first one (QueryStringSender) can contain a text box for entering …
The article How to hide URL query information in ASP.NET in C# describes a class named EncryptedQueryString which is used in the next example to illustrate how you can use it in your projects. You have to build two web pages:
– The first one (QueryStringSender) can contain a text box for …
In many cases, the URL query contains information that should keep on hidden from the user. You can switch to another form of state management or encrypt the query string. You can encrypt the query string by using the cryptography classes provided with .NET and by leveraging the DPAPI.
As a first step you should build an …
In many cases, the URL query contains information that should keep on hidden from the user. You can switch to another form of state management or encrypt the query string. You can encrypt the query string by using the cryptography classes provided with .NET and by leveraging the DPAPI.
As a first step you should build an …
There is a specific kind of SQL injection that is related to handling multiple values in a query. Multiple values are often used in dynamically generated queries, for example, in combination with IN SQL clause or when you need to filter by different words. In this case you want to apply the same technique described in …
There is a specific kind of SQL injection that is related to handling multiple values in a query. Multiple values are often used in dynamically generated queries, for example, in combination with IN SQL clause or when you need to filter by different words. In this case you want to apply the same technique described in …
How to use parameterized SQL queries to protect ASP.NET web application from SQL injection in VB.NET
SQL injection is used as a way to gain control over a web application by simply injecting some specially created SQL query via a parameter. This kind of the worst attack for a web application is caused by improper handling of string concatenation. The next code lines illustrate a typical problem related to SQL injection. For …