Browse by Tags

All Tags » Security (RSS)

Silverlight 2 beta 1 and Socket Exception: Access Denied by Michael Schwarz

Playing around with the sockets in Silverlight 2 beta 1 I found out that it works fine on my local host. When publishing my sample to a real Web server (I mean a Web server that is reachable in the Internet with a domain) I got always a socket exception...
Filed under: , ,

Maybe Socket Bug in Policy Code in Silverlight 2 beta 1 by Michael Schwarz

In my last post I wrote about how you can use sockets in Silverlight 2 beta 1 . Well, when publishing my application to a Internet domain the code didn't work. I always get a socket exception: error code 10013, access denied. I have put an example online...
Filed under: , , ,

Silverlight 2 and System.Net.Sockets.Socket by Michael Schwarz

The new beta of Silverlight 2 introduces Sockets. The security model enforced by the System.Net.Sockets namespace in Silverlight 2 allows for a connection only back to the site or host of origin. So Silverlight 2 applications will be allowed to connect...

ASP.NET AJAX Roles and Security by Michael Schwarz

David Barkol writes on his blog about ASP.NET AJAX Role Application Service with Visual Studio 2008 (Orcas). Well, it is a new service that is working similar to the profile and authentication service. As it is very easy to call it from the client-side...

Authentication and Session by Michael Schwarz

In my current project I'm using a own User object that I store in the HttpContext.Session to have personalized data available without connecting on each AJAX method / page refresh to the database. If the session will end because of timeouts, Web server...

webinale 07 by Michael Schwarz

[I will be available for Microsoft Silverlight discussions at the webinale 07 conference in Ludwigsburg/Stuttgart to talk and discuss about the latest version of Silverlight presented at the Mix07 in Las Vegas. Of course, you can talk with me about Ajax...

Looking Forward to next AjaxPro Release by Michael Schwarz

Some developers mentioned that it would be nice if Ajax.NET Professional could be more JSON compliant to use with some JavaScript frameworks that are not using the eval statement. And, if you have a look at json.org JSON message always have to be an object...

Trackbacks, Who Is Linking You and where you should pay attention by Michael Schwarz

Today I opened the turkish version of Google and did a search for something I cannot remember. The thing was that I didn't hit enter, instead I clicked on the button Google'da Ara . What I noticed then was that the ' was not correct url encoded...

JSON Hijacking and How Ajax.NET Professional (AjaxPro) Avoids these Attacks by Michael Schwarz

There are a couple of web sites reporting about security issues that hackers can use to invoke AJAX methods or use the JSON output to get data from other web applications. Specificallly, these attacks use HTTP GET requests invoked via an HTML <script...

Are we ready for AJAX? by Michael Schwarz

I had a watch today on the webcast How Hackers Reverse Engineer and Exploit an Ajax Application . There wasn't any new security issue as we already should know as AJAX or web application developers. Samples did show how to hack the AutoComplete.asmx...
More Posts Next page »