Tip: Replacing Html.Encode Calls With New Html Encoding Syntax

Posted on Dot net Slackers See other posts from Dot net Slackers
Published on Thu, 29 Apr 2010 00:00:00 GMT Indexed on 2010/04/30 8:58 UTC
Read the original article Hit count: 523

Filed under:
Like the well disciplined secure developer that you are, when you built your ASP.NET MVC 1.0 application, you remembered to call Html.Encode every time you output a value that came from user input. Didnt you? Well, in ASP.NET MVC 2 running on ASP.NET 4, those calls can be replaced with the new HTML encoding syntax (aka code nugget). Ive written a three part series on the topic. Html Encoding Code Blocks With ASP.NET 4 Html Encoding Nuggets With ASP.NET MVC 2 Using AntiXss as the default...

Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.



Email this Article

© Dot net Slackers or respective owner