This post is part of the series 'Vulnerabilities'. Be sure to check out the rest of the blog posts of the series: Impersonation and security; SQL injections; How to prevent CSRF attacks; ASP MVC and XSRF; Cross-site scripting (XSS); ASP MVC: Mass Assignment; Regex - Deny of Service (ReDoS) (this post); Deserialization can be dangerous; Prevent Zip bombs in .NET

Bharat Dwarkani shared on Jan 22, 2020
meziantou.net

ASP.NET Core enables developers to easily configure and manage security for their apps. ASP.NET Core contains features for managing authentication, authorization, data protection, HTTPS enforcement, app secrets, anti-request forgery protection, and CORS management. These security features allow you to build robust yet secure ASP.NET Core apps.

Bharat Dwarkani shared on Jan 19, 2020
docs.microsoft.com

Cross-Site Scripting (XSS) is a security vulnerability which enables an attacker to place client side scripts (usually JavaScript) into web pages. When other users load affected pages the attacker's scripts will run, enabling the attacker to steal cookies and session tokens, change the contents of the web page through DOM manipulation or redirect the browser to another page. XSS vulnerabilities generally occur when an application takes user input and outputs it to a page without validating, enco

Bharat Dwarkani shared on Jan 19, 2020
docs.microsoft.com

Web applications have proven to be vulnerable to attacks from different sources, though, and it is our responsibility to safeguard our data. This article will help you develop a secure ASP.NET Core MVC web application.

Bharat Dwarkani shared on Dec 17, 2019
syncfusion.com

In this article, we are going to learn about the ASP.NET Core built-in data protection mechanism, IDataProtector, which we can use to encrypt and decrypt our sensitive data.

Bharat Dwarkani shared on Nov 25, 2019
code-maze.com

An Open Redirection is when a web application or server uses a user-submitted link to redirect the user to a given website or page.

Bharat Dwarkani shared on Nov 24, 2019
sagarjaybhay.com

Learn how to build Web APIs with the new ASP.NET Core 3.0 and how to secure them with Auth0 authentication and authorization features.

Bharat Dwarkani shared on Oct 19, 2019
auth0.com

You might have noticed the recent public discussions around how to securely build SPAs – and especially about the “weak security properties” of the OAuth 2.0 Implicit Flow.

Bharat Dwarkani shared on Oct 10, 2019
leastprivilege.com

This article shows how Vue.js can be used together with ASP.NET Core 3 in a single project. The Vue.js application is built using the Vue.js CLI and built to the wwwroot of the ASP.NET Core application. The ASP.NET Core application is used to implement the APIs consumed by the Vue.js UI. The application is secured using a separate secure token server, implemented using IdentityServer4 hosted in an ASP.NET Core 3 application.

Bharat Dwarkani shared on Oct 07, 2019
damienbod.com

In this article, you will learn about ASP.NET Core security headers.

Bharat Dwarkani shared on Sep 25, 2019
c-sharpcorner.com