| More

Recent News » Security

User Input In Sheep’s Clothing

Posted by: youve been HAACKED, on 09 Jul 2008 | View original | Bookmarked: 0 time(s)

We all know that it is bad bad bad to trust user input. I dont care if your users are all ascetic monks in a remote monastery, do not trust their input. However, user input often likes to put on sheeps clothing and disguise itself as something else entirely, such as the case with ViewState. Another example of this is highlighted in the latest entry of his excellent series of ASP.NET MVC tips. In this post, Stephen Walther writes about how cookie values and server variables can be passed as parameters...

Advertisement

Free Agile Project Management Tool from Telerik TeamPulse Community Edition helps your team effectively capture requirements, manage project plans, assign and track work, and most importantly, be continually connected with each other.

Category: Security | Other Posts: View all posts by this blogger | Report as irrelevant | View bloggers stats | Views: 1 | Hits: 0

News Categories

.NET | Agile | Ajax | Architecture | ASP.NET | BizTalk | C# | Certification | Data | DataGrid | DataSet | Debugger | DotNetNuke | Events | GridView | IIS | Indigo | JavaScript | Mobile | Mono | Patterns and Practices | Performance | Podcast | Refactor | Regex | Security | Sharepoint | Silverlight | Smart Client Applications | Software | SQL | VB.NET | Visual Studio | W3 | WCF | WinFx | WPF | WSE | XAML | XLinq | XML | XSD