Preventing Javascript Encoding XSS attacks in ASP.NET MVC

Posted by Jon Galloway on April 29, 2011

I just posted about cross-site scripting, or XSS attacks, in ASP.NET. Javascript Encoding XSS attacks are a particularly tricky form of XSS, since Javascript encoded values are valid HTML and will pass through default HTML encoding. Here's an example - let's assume we want to add a special welcome... [read more]

Rating

4/5

Reviews

Submit a comment / review

There are currently no comments or reviews.

Creating Multiple JavaScript Objects when using the Revealing Module Pattern

In my previous series on Techniques, Strategies and Patterns for Structuring JavaScript Code I discussed the Revealing Module Pattern and explained ho...
By Dan Wahlin on September 6, 2011
Underscore.js

Liam told me about Underscore.js some time ago. From the home page: Underscore is a utility-belt library for JavaScript that provides a lot of the...
By K. Scott Allen (OdeToCode.com) on August 17, 2011
Application Page Security for SharePoint

This post describes how to implement request validation and permission based security in SharePoint Application pages. Validate a Request sent from...
By default on October 22, 2011
InfoPath - Get the row being edited in a repeating table programmatically

I recently came across an issue with an InfoPath Form, where an XML Document was being constructed in the background when certain fields were updated ...
By default on January 23, 2011
Detecting HTML5/CSS3 Features using Modernizr

HTML5, CSS3, and related technologies such as canvas and web sockets bring a lot of useful new features to the table that can take Web applications to...
By Dan Wahlin on November 17, 2011
Get Twitter, Facebook And Feed Readers Count In ASP.NET

I am working on some web stuff these days and surfing around to look at some of the best web developer's work around the web. As I was surfing I came ...
By Prashant Khandelwal on September 2, 2011
Determining Whether You’re Running on the Windows Phone Emulator or Not

This is a tiny little quick-tip for Windows Phone 7 I came up with a tiny little function to make it easy to check whether you're running under the Wi...
By Visual Basic Feng Shui on August 22, 2011
ASP.NET MVC dynamic view sections

Earlier today, a colleague of mine asked for advice on how he could create a “dynamic” view. To elaborate, he wanted to create a change settings p...
By Maarten Balliauw on September 8, 2011
ASP.NET MVC: Moving code from controller action to service layer

I fixed one controller action in my application that doesn't seemed good enough for me. It wasn't big move I did but worth to show to beginners how ni...
By Gunnar Peipman on June 20, 2011

DevelopASP.NET

Preventing Javascript Encoding XSS attacks in ASP.NET MVC

Rating

Reviews

Submit a review:

DevelopASP.NET

Categories

Translate

Most Popular (7 Days)

Recent Popular

DevelopASP.NET

Preventing Javascript Encoding XSS attacks in ASP.NET MVC

Rating

Reviews

Related

Submit a review:

DevelopASP.NET

Categories

Translate

Most Popular (7 Days)

Recent Popular