Tip: Replacing Html.Encode Calls With New Html Encoding Syntax
Posted
on Dot net Slackers
See other posts from Dot net Slackers
Published on Thu, 29 Apr 2010 00:00:00 GMT
Indexed on
2010/04/30
8:58 UTC
Read the original article
Hit count: 523
Filed under:
Like the well disciplined secure developer that you are, when you built your ASP.NET MVC 1.0 application, you remembered to call Html.Encode every time you output a value that came from user input. Didnt you? Well, in ASP.NET MVC 2 running on ASP.NET 4, those calls can be replaced with the new HTML encoding syntax (aka code nugget). Ive written a three part series on the topic. Html Encoding Code Blocks With ASP.NET 4 Html Encoding Nuggets With ASP.NET MVC 2 Using AntiXss as the default...
Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.
© Dot net Slackers or respective owner