November 2008
Intermediate to advanced
935 pages
30h 36m
English
book
Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB
by Bilal Haidar, Stefan Schackow
Content preview from Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 18. Best Practices for Securing ASP.NET Web Applications
Having reached the last chapter of this book, you are now aware of all the features and modules provided by ASP.NET to help build secure web applications. All these features are out-of-the box features that ASP.NET provides to make the developer's life easy. However, a lot has to be done to secure an ASP.NET web application during its interaction with client users. In this chapter, you will be introduced to the best practices to secure an ASP.NET web application. The discussion is in the form of a list of best practices that you can follow and apply in your web application. Each recommended best practice is explained in detail with sample code, when possible.
In addition, the discussion introduces you to the vulnerabilities exposed by introducing AJAX techniques into your applications, for smooth and interactive user experiences, and the possible best practices in securing such applications.
In this chapter, will you will learn how to apply the following practices to secure your ASP.NET web application:
How to trust your users.
How to run applications with least privileges.
How to validate user input properly.
How to properly secure an HttpCookie.
How to secure database access.
How to handle SQL injection attacks.
How to handle cross-site scripting attacks.
How to handle cross-site request forgery attacks.
How to handle application/page exceptions properly.
How to guard against denial-of-service attacks.
How to secure data ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.