Archive for the ‘Forums’ Category

Request Validation – Preventing Script Attacks

Posted by pavan on 26 September, 2009
No comments yet
This item was filled under [ Forums ]

Request validation, a feature of ASP.NET since version 1.1, prevents the server from accepting content containing un-encoded HTML. This feature is designed to help prevent some script-injection attacks whereby client script code or HTML can be unknowingly submitted to a server, stored, and then presented to other users. We still strongly recommend that you validate all [...]

Continue reading...

Tagged with: [ , ]

Using Client Side State Management Techniques like Hidden Fields and ViewState

Posted by Admin on 21 April, 2009
No comments yet
This item was filled under [ Forums ]

This is a continuation of an article on client side state management. This section will discuss hidden fields and ASP.Net viewstate.
Hidden Fields
The next client side state management technique for ASP.Net is hidden fields. Hidden fields have been around for a long time. This is where you place a text field control on your html page. [...]

Continue reading...

Tagged with: [ ]

Validation of ViewState Mac failed

Posted by Admin on 21 April, 2009
2 Comments
This item was filled under [ Forums ]

If your page doesn’t load slowly and you are not on a web farm, this little tipp might help you. Most people suggest to add the following attributes to the Page directive:
 
<pages enableEventValidation=“false“ viewStateEncryptionMode =“Never“
 
This is known to be a security risk and in my case it didn’t fix the problem.
I think I found another [...]

Continue reading...