This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "CRV2 FrameworkSpecIssuesASPNet"
From OWASP
| Line 1: | Line 1: | ||
= ASP.NET Security = | = ASP.NET Security = | ||
| + | == Sanitize Input == | ||
| + | Anything coming from external sources can be consider as input in a web application. Not only the user inserting data through a web form, but also dsata retrieved from a web service or database, headers sent from the browsers. | ||
| + | |||
| + | A way of defining when input is safe can be done through defining a trust boundary | ||
== Data Encryption == | == Data Encryption == | ||
== Authentication and Authorization== | == Authentication and Authorization== | ||
| − | + | ||
== creating a Semi- Trusted Application == | == creating a Semi- Trusted Application == | ||
Revision as of 02:27, 14 July 2013
ASP.NET Security
Sanitize Input
Anything coming from external sources can be consider as input in a web application. Not only the user inserting data through a web form, but also dsata retrieved from a web service or database, headers sent from the browsers.
A way of defining when input is safe can be done through defining a trust boundary
