29 Improving your application’s security

This chapter covers

Defending against cross-site scripting attacks
Protecting from cross-site request forgery attacks
Allowing calls to your API from other apps using CORS
Avoiding attach vectors such as SQL injection attacks

In chapter 28 you learned how and why you should use HTTPS in your application: to protect your HTTP requests from attackers. In this chapter we look at more ways to protect your application and your application’s users from attackers. Because security is an extremely broad topic that covers lots of avenues, this chapter is by no means an exhaustive guide. It’s intended to make you aware of some of the most common threats to your app and how to counteract them, and also to highlight ...

Get ASP.NET Core in Action, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

ASP.NET Core in Action, Third Edition by Andrew Lock

29 Improving your application’s security

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly