CRV2 FrameworkSpecIssuesASPNet

From OWASP
Revision as of 21:27, 13 July 2013 by Johanna Curiel (Talk | contribs)

Jump to: navigation, search

Contents

ASP.NET Security

Sanitize Input

Anything coming from external sources can be consider as input in a web application. Not only the user inserting data through a web form, but also dsata retrieved from a web service or database, headers sent from the browsers.

A way of defining when input is safe can be done through defining a trust boundary

Data Encryption

Authentication and Authorization

creating a Semi- Trusted Application