.Net EnableHeaderChecking

Posted by James Jardine on November 9, 2015 · Comments Off
Filed under: Security

How often do you take untrusted input and insert it into response headers? This could be in a custom header or in the value of a cookie. Untrusted user data is always a concern when it comes to the security side of application development and response headers are no exception. This is ...

Tags: ASP.Net, asp.net security, developer, developer awareness, Response Splitting, Security, Testing, Vulnerability

Potentially Dangerous Request.Path Value was Detected…

Posted by James Jardine on November 4, 2015 · Comments Off
Filed under: Development, Security

I have discussed request validation many times when we see the potentially dangerous input error message when viewing a web page. Another interesting protection in ASP.Net is the built-in, on by default, Request.Path validation that occurs. Have you ever seen the error below when using or testing your application?...

Tags: ASP.Net, asp.net security, developer, Development, potentially dangerous, Request.path, secure coding, Security, Testing

Blogroll

Archives

.Net EnableHeaderChecking

Potentially Dangerous Request.Path Value was Detected…

Follow Us

Recent Posts