O'Reilly logo

Pro ASP.NET MVC 2 Framework by Steven Sanderson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 15. Security and Vulnerability

You can't go far as a web developer without a solid awareness of web security issues understood at the level of HTTP requests and responses. All web applications are potentially vulnerable to a familiar set of attacks—such as cross-site scripting (XSS), cross-site request forgery (CSRF), and SQL injection—but you can mitigate each of these attack vectors if you understand them clearly.

The good news for ASP.NET MVC developers is that ASP.NET MVC doesn't on its own introduce significant new risks. It takes an easily understood bare-bones approach to handling HTTP requests and generating HTML responses, so there's little uncertainty for you to fear.

To begin this chapter, I'll recap how easy it is for end users ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required