This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

CRV2 FrameworkSpecIssuesASPNet

From OWASP
Revision as of 02:27, 14 July 2013 by Johanna Curiel (talk | contribs)

Jump to: navigation, search

ASP.NET Security

Sanitize Input

Anything coming from external sources can be consider as input in a web application. Not only the user inserting data through a web form, but also dsata retrieved from a web service or database, headers sent from the browsers.

A way of defining when input is safe can be done through defining a trust boundary

Data Encryption

Authentication and Authorization

creating a Semi- Trusted Application

Retrieved from "https://wiki.owasp.org/index.php?title=CRV2_FrameworkSpecIssuesASPNet&oldid=155435"