Browse by Tags
All Tags »
MVC »
ASP.NET (
RSS)
Last week I gave a presentations to the 2011 UC Davis IT Security Symposium that covered input validation features in HTML5. I mostly discussed the following three topics: New Html5 Input Types (like <input type=”email” />) Html5 Constraints...
ASP.NET MVC 3 includes a new unobtrusive validation strategy that utilizes HTML5 data-* attributes to decorate form elements. Using a combination of jQuery validation and an unobtrusive validation adapter script that comes with MVC 3, those attributes...
Validation of user input is integral to building a modern web application, and ASP.NET MVC offers us a way to enforce business rules on both the client and server using Model Validation. The recent release of ASP.NET MVC 3 has improved these offerings...
The System.ComponentModel.DataAnnotations namespace contains a validation attribute called DataTypeAttribute, which takes an enum specifying what data type the given property conforms to. Here are a few quick examples: public class DataTypeEntity...
Last week I gave a presentation to the UC.NET User Group which provided an overview/introduction to jQuery. Instead of using PowerPoint I created an ASP.NET MVC website and used a jQuery presentation plugin ( http://www.viget.com/inspire/jquery...
ASP.NET MVC 2 improves Model Validation in a number of ways, including the addition of client side validation (ala xVal). If you would like more information on Model Validation in ASP.NET MVC 2, see Scott Gu’s detailed post on this subject . ...
Alongside XSS (Cross Site Scripting) and SQL Injection, Cross-site Request Forgery (CSRF) attacks represent the three most common and dangerous vulnerabilities to common web applications today. CSRF attacks are probably the least well known but they are...
ASP.NET MVC2 will improve the built in Model Validation in a number of ways, including the addition of client side validation (ala xVal). If you would like more information on Model Validation in ASP.NET MVC 2, see Scott Gu’s detailed post on this subject...
Recently I developed a strategy which I think works well for authorizing access to user groups (Roles) without using the string names of those groups. The problem I am trying to avoid is doing something like [Authorize(Roles=”AdminRole”)] on a controller...
In an earlier post I talked about writing a Transaction attribute for MVC using NHibernate (though it isn’t really NHibernate specific). The basic idea is that when an action marked with [Transaction] is executing (OnActionExecuting) you begin a...
More Posts
Next page »