How to make safe and secure forms in asp.net MVC 3

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by anirudha on Geeks with Blogs See other posts from Geeks with Blogs or by anirudha
Published on Thu, 10 Feb 2011 17:52:37 GMT Indexed on 2011/02/10 23:26 UTC
Read the original article Hit count: 183

Filed under:

the asp.net application need all kind of security. unsecure forms may be influence by XSS [cross site scripting]

there is some way to solve these type of problem in MVC.

first sollution is that use <%= Html.AntiForgeryToken() %> for make secure from cross site scripting. it’s work by machine key in MVC. well you can valid them whenever you got respond from client. you can apply by this attribute on action you give the response behalf of form submission

[ValidateAntiForgeryToken]

you can secondly use authorize attribute where you can make own definition of authorize attribute in asp.net mvc for more info read david’s post

well I am use my own custom attribute who use a different type of authorization :- the who controller use a attribute I put their and the attribute I put their have a logic and logic check the cookie in request who make sure that request they got from user.

© Geeks with Blogs or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle