Tip: Replacing Html.Encode Calls With New Html Encoding Syntax
Like the well disciplined secure developer that you are, when you built your ASP.NET MVC 1.0 application, you remembered to call Html.Encode every time you output a value that came from user input. Didnt you? Well, in ASP.NET MVC 2 running on ASP.NET 4, those calls can be replaced with the new HTML encoding syntax (aka code nugget). Ive written a three part series on the topic. Html Encoding Code Blocks With ASP.NET 4 Html Encoding Nuggets With ASP.NET MVC 2 Using AntiXss as the default...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.