AspDotNetAtoms.com provides daily updates on ASP.NET Tutorials, Programming Resources, .NET Articles, Authors and more.

ASP.NET MVC Tip #10 - Prevent URL Manipulation Attacks : Stephen Walther on ASP.NET MVC

Saturday, August 09 2008

A hacker can use a URL Manipulation Attack to easily access other people’s data at a website. If you retrieve records by the record Id, and you do not check with each database request that the right person is making the request, then anyone can read anyone else’s database records. One of the benefits of ASP.NET MVC is that the framework exposes intuitive URLs. Unfortunately, this benefit can also be dangerous. A hacker can manipulate a URL to steal data from an ASP.NET MVC website.

Let’s walk through a simple sample application that is open to a URL Manipulation Attack. Imagine that you are building a website for a hospital. Hospital patients can log in to the website to view their medical histories. This application has four views.
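The missing per-request ownership check described above, shown as an added example that is not code from the original article. The `MedicalRecord` type, the `RecordStore` class and the sample data are hypothetical and constructed for illustration; `currentLogin` stands in for the authenticated identity (`User.Identity.Name` in an ASP.NET MVC controller).

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical model; names and data are constructed for illustration.
record MedicalRecord(int Id, string PatientLogin, string History);

static class RecordStore
{
    static readonly List<MedicalRecord> Records = new()
    {
        new(1, "alice", "Constructed sample: allergy notes"),
        new(2, "bob", "Constructed sample: lab results"),
    };

    // Vulnerable: the Id taken from the URL is the only filter, so any
    // logged-in patient receives whichever record that Id names.
    public static MedicalRecord GetByIdOnly(int id) =>
        Records.SingleOrDefault(r => r.Id == id);

    // Hardened: the lookup is also scoped to the authenticated user. The login
    // comes from the server-side identity, never from the URL or a form field.
    public static MedicalRecord GetForUser(int id, string currentLogin) =>
        Records.SingleOrDefault(r => r.Id == id && r.PatientLogin == currentLogin);
}

static class Program
{
    static void Main()
    {
        const string currentLogin = "alice"; // stands in for User.Identity.Name

        // Id 1 belongs to alice; Id 2 belongs to bob and is requested
        // here to show what each lookup does with someone else's Id.
        foreach (var id in new[] { 1, 2 })
        {
            var open = RecordStore.GetByIdOnly(id);
            var scoped = RecordStore.GetForUser(id, currentLogin);
            Console.WriteLine(
                $"id={id} unchecked={(open != null ? "returned" : "not found")} " +
                $"owner-checked={(scoped != null ? "returned" : "not found")}");
        }
    }
}
```

In a controller action, a null result from the owner-scoped lookup should produce the same not-found response as a nonexistent Id, so the response does not confirm which Ids exist.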

Read More:
ASP.NET MVC Tip #10 - Prevent URL Manipulation Attacks : Stephen Walther on ASP.NET MVC
