Chapter 10. ASP.NET security

 

This chapter covers
  • Analyzing security threats
  • Handling untrusted user input
  • Techniques to prevent SQL injection
  • Cross-site scripting (XSS) in action
  • Path canonicalization issues

 

In previous chapters, we covered both ASP.NET Web Forms and MVC, and how your application might benefit from new features available in version 4.0. Now it’s time to take a look at security, which is a fundamental aspect of every well-realized application.

If you think that security is a secondary concern for your applications, you’re wrong: an insecure application is an incomplete application. In fact, in a web application, security is more important than anything else because of the global availability of this kind of application ...

Get ASP.NET 4.0 in Practice now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.