In a recent post, Stephen Walther pointed out the dangers of using a link to delete data . Go read it as it provides very good coverage of the issues. The problem is not restricted to delete operations. Any time you allow a GET request to modify data, you’re asking for trouble . Read this story about...

Earlier this morning, I posted on making a simple jQuery delete link which makes it easy to create a delete link that does a form post to a delete action. Commenters pointed out that my solution won’t work for down-level browsers such as some mobile phones, and they were right. I wasn’t really concerned...

Today I read something where someone was comparing Web Forms to ASP.NET MVC and suggested that Web Forms does a lot more than ASP.NET MVC to protect your site from malicious attacks. One example cited was that Server controls automatically handled HTML encoding so you don’t have to really think about...

In my last post, I wrote about the hijacking of JSON arrays . Near the end of the post, I mentioned a comment whereby someone suggests that what really should happen is that browsers should be more strict about honoring content types and not execute code with the content type of application/json . I...

In this article, Ashic Mahtab shows an elegant, reusable and unobtrusive way in which to persist sensitive data to the browser in hidden inputs and restoring them on postback without needing to change any code in controllers or actions. Note: Cross posted from Heartysoft.com . Permalink

In this article, Ashic Mahtab shows an elegant, reusable and unobtrusive way in which to persist sensitive data to the browser in hidden inputs and restoring them on postback without needing to change any code in controllers or actions. The approach is an improvement of his previous article and incorporates...

.NET Ms-PL Source Release for System.Web.Mvc 2 - ASP.NET MVC 2 RTM ASP.NET Performance: Web Application Gets Slow Periodically – “Sudden” Traffic Spikes From Binary to Data Structures Marshaling with C# Pocket Reference Creating a Lazy Sequence of Directory Descendants in C# Sharing Solutions between...

Scott Guthrie recently wrote about the new <%: %> syntax for HTML encoding output in ASP.NET 4 . I also covered the topic of HTML encoding code nuggets in the past as well providing some insight into our design choices for the approach we took. A commenter to Scott’s blog post asked, Will it be...

Below a list of interesting links that I found this week: Frontend: How to Create a Mobile Version of Your Website 10 tricks that will make your jQuery enabled site go faster Tools and Resources to Test Cross Browser Compatibility of Your Websites 9 Websites to Learn the Basics About html 5 Development...

Below a list of interesting links that I found this week: Interaction: Fingers are Bigger than Mice - Design Concepts for Mobile Websites 20 Essential Tools and Tips to an Accessible Website Frontend: Don’t Forget About HTML5’s “Little Guys” Development: 10 Differences Between WCF and ASP.NET Web Services...