Browse by Tags

All Tags » .NET » Security (RSS)

JSON Hijacking and How ASP.NET AJAX 1.0 Avoids these Attacks by ScottGu

Recently some reports have been issued by security researchers describing ways hackers can use the JSON wire format used by most popular AJAX frameworks to try and exploit cross domain scripts within browsers. Specifically, these attacks use HTTP GET...
Filed under: , , ,

Common Gotcha: Don't forget to <clear/> when adding providers by ScottGu

Recently I've helped a few people out who were having an issue with how they had added new Membership, Role, and Profile providers within their web.config file. If you are ever going to add a provider declaration within your web.config file, please read...

Tip/Trick: Adding Authorization Rules to Business and Data Layers using PrincipalPermissionAttributes by ScottGu

Earlier this summer I posted two tutorials on using Windows Authentication with ASP.NET: Enabling Window Authentication within an Intranet ASP.NET Web Application and Implementing Role Based Security within ASP.NET using Windows Authentication and SQL...

Tip/Trick: Patterns and Practices Guidance Explorer for .NET and ASP.NET by ScottGu

I blogged about the cool new .NET and ASP.NET Guidance Explorer that the Microsoft Patterns and Practices Team has been working on back in June. Since then the team has been hard at work and recently moved the project to be hosted on CodePlex. You can...

Free Patterns and Practices Guidance Explorer for ASP.NET and .NET by ScottGu

JD Meier from the Prescriptive Architecture Guidance Group (aka PAG) at Microsoft stopped by my office this morning to show me the new Guidance Explorer tool he has been working on. This is a cool WinForms client application that aggregates PAG guidance...
Filed under: , ,

Source Code for the Built-in ASP.NET 2.0 Providers Now Available for Download by ScottGu

Today we released the source code for the built-in ASP.NET 2.0 Membership, Role Management, Site Navigation, Session State, Profile, Web Events, and Web Part Personalization providers (basically all of the built-in providers that ship in the .NET 2.0...
Filed under: , ,

ASP.NET 2.0 Membership, Roles, Forms Authentication, and Security Resources by ScottGu

I usually try and spend at least an hour or two each night hanging out on the ASP.NET Forums answering questions. The last week or so I’ve been spending a lot of time in the Security Forum answering a lot of “how to” questions about some of the new features...
Filed under: , ,
More Posts