Chapter 8. Security


This chapter covers
  • Requiring authentication and authorization
  • Preventing cross-site scripting attacks
  • Mitigating cross-site request forgeries
  • Avoiding JSON hijacking


In the previous chapters, we covered Ajax and client validation. In this chapter, we’ll continue discussing client concerns as we harden our applications from malicious input. Security is a major issue for online services. We frequently see news reports of high-profile security breaches where hackers have been able to steal personal information or where sensitive data has been accidentally exposed online. The sad reality is that many of these incidents could have been easily prevented. As developers, we need to design our applications with security in ...

Get ASP.NET MVC 4 in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.