Home/Web Forms/Videos/Chapter 1. How Do I?/Understand and Defend Against Script Injection Attacks in ASP.NET
How Do I Understand and Defend Against Script Injection Attacks in ASP.NET
Cross Site Scripting (XSS) is perhaps the most troublesome security issue for web developers to tackle these days. In this video, Microsoft’s Joe Stagner provides some examples of how dangerous XSS can really be and how ASP.NET helps you easily defend against XSS in your Web Applications.
By Joe Stagner, Joe has spent 10 years providing guidance to developers building web applications.
Table of Contents
How Do I?
- Web Forms Video Training from Pluralsight
- Learn the Tips and Tricks of Experts
- Create a Multi-Lingual Site with Localization
- Make use of Caching
- Make Greater use of Caching
- Utilize Web Parts and Personalization
- Customize my Site with Profiles and Themes
- Secure my Site using Membership and Roles
- Create a "Contact Us" Page
- Create a Full-Featured Customer Login Portal
- Use Master Pages and Site Navigation
- Create Data-Driven Web Sites
- Implement an HttpModule
- Set Up the SQL Membership Provider
- Implement URL Rewriting
- Utilize the CSS Friendly Control Adapters
- Handle Application Events using an HttpModule
- Use Cascading Style Sheets for Web Page Layout
- Create a Custom Membership Provider
- Create a Custom Profile Provider
- Implement Site Navigation in ASP.NET
- Use Validation Controls in ASP.NET
- Create a Custom User Control in ASP.NET
- Implement Health Monitoring for an ASP.NET Application
- Implement Tracing in an ASP.NET Web Site
- Event Handlers in ASP.NET Web Pages and Controls
- Implement a Custom Health Monitoring Event
- Use Control State to Persist Information for a Custom Web Server Control
- Read, Write, and Delete Cookies in ASP.NET
- Save and Load View State Information for a Custom Web Server Control
- Create and Use Application Level Events in ASP.NET
- Simple File Uploads in ASP.NET
- Multiple File Uploads in ASP.NET 2
- Multiple File Uploads in ASP.NET 1
- File Uploads with an AJAX Style Interface
- Work with Master Pages Declaratively and Programmatically
- Handle Events in Master and Content Pages
- Use the ObjectDataSource with a Data Access Class and Business Object
- Create User Selectable Themes for a Web Site
- Share Data Between Client JavaScript and Server Code Using a Hidden Field
- Add JavaScript to ASP.NET Page
- Add JavaScript Event Handlers to ASP.NET Server Controls
- Create and Call a Simple Web Service in ASP.NET
- Deploy a Web Site Copy Web Site Tool
- Create and Use a Custom Configuration Section in an ASP.NET Configuration File
- Configure an ASP.NET Web Site for a .NET Framework Version
- Use the ASP.NET IIS Registration Tool to Configure ASP.NET
- Extend and Customize an ASP.NET Server Control for a Specific Purpose
- Use the Ability to Create Groups with the ListView Control for Different Data
- Make HTML elements accessible from server side code
- Use Roles to Segment Functionality in an ASP.NET Web Site
- Work with Nested Master Pages to Create Standard Content Layouts
- Detect Browser Capabilities in ASP.NET Web Pages
- Map an ASP.NET Server Control to the Adaptor Used to Render It
- Pass Information From One Page to Another Using a Query String
- Use the aspnet_merge.exe Utility to Merge Assemblies
- Implement a Cross Page PostBack in ASP.NET
- Add Controls to an ASP.NET Web Page Programmatically
- Use a Hidden Field to Store and Manipulate Client-Side Information
- Use the Fixednames Option with the Compiler Utility for Maximum Flexibility
- Implement Command Buttons for Individual Items
- Use Skins with CSS for a Flexible and Maintainable ASP.NET Web Site
- Determine Whether to Use a Web Site or a Web Application Project
- Write Web Events to a SQL Server Database SqlWebEventProvider
- Use ASP.NET to Send Email from a Web Site
- Configure Email Notification for Health Monitoring on an ASP.NET Web Site
- Use a Visual Studio 2008 Web Deployment Project
- Send Templated Emails for Health Monitoring Events in ASP.NET
- Send Email Asynchronously with ASP.NET
- Embed an Image in an Email with ASP.NET
- Implement Error Handling when Sending Email with ASP.NET
- Create a Custom Provider for Logging Health Monitoring Events
- Create a Reusable Component for Sending Email to a Distribution List
- Precompile an ASP.NET Website
- Use the FtpWebRequest Class to Create an FTP Connection to a FTP Server
- Export Data to a Comma Delimited (CSV) File for an Application Like Excel
- Use the Reponse.Filter Property to Replace HTML in an ASP.NET Page
- Use OutputCache to Cache an ASP.NET Page
- Cache Portions of an ASP.NET Page
- Control the Caching of an ASP.NET Page Based Upon Custom Information
- Cache an ASP.NET Page Based Upon Information in the HTTP Header
- Synchronize Data in Secondary User Control(s) Based Upon User Selections
- Use the ASP.NET Cache Object to Cache Application Information
- Persist the State of a User Control During a Postback
- Add Client Script Event Handlers Controls on an ASP.NET Page
- Understand and Defend Against Script Injection Attacks in ASP.NET
- ASP.NET Data Access Technologies, an Intro to LINQ
- Create and Use Classes in JavaScript
- Create an Efficient and Standardized Approach for Implementing CSS Styles
- What is ASP.NET
- Choosing the Right Programming Model
- Build Your First ASP.NET Application with ASP.NET Web Forms
- Build Your First ASP.NET Application with ASP.NET MVC
- Best Learn ASP.NET Web Forms
- 5 Minute Intro to ASP.NET Web Forms
- Install ASP.NET and Tools
Tailspin Spyworks
- Tailspin Spyworks - Creating and Popular Products Control
- Tailspin Spyworks - Implementing and Also Purchased Control
- Tailspin Spyworks - Intro UI and EDM
- Tailspin Spyworks - Directory Organization
- Tailspin Spyworks - Category Menu
- Tailspin Spyworks - Display the Product List
- Tailspin Spyworks - Display Per Product Details
- Tailspin Spyworks - Adding Items to the Shopping Cart
- Tailspin Spyworks - Display Shopping Cart
- Tailspin Spyworks - Update the Shopping Cart
- Tailspin Spyworks - Migrate the Shopping Cart
- Tailspin Spyworks - Final Check Out
- Tailspin Spyworks - Adding User Product Reviews
- Tailspin Spyworks - Displaying User Reviews
Building 3.5 Applications
- Intro to Visual Web Developer
- IntelliSense
- Intro to Web Forms
- Page Layout
- Page Lifecycle Events
- Intro to ASP.NET Controls
- Submit and Postback
- Application Level Objects
- Session Level Objects
- Debugging
- CSS
- MasterPages
- Intro to SOAP Based Web Services with Visual Web Developer 2008
- AJAX Style Services with Microsoft Visual Web Developer 2008
- Validation
- Login Controls
Authentication
- Using Basic Forms Authentication in ASP.NET
- Change the Forms Authentication Properties
- Setup and Use Cookie-less Authentication in an ASP.NET Application
- ASP Forms Login Relocation
- Forms Login Custom Key Configuration
- Add Custom Data to the Authentication Method
- Use Custom Principal Objects
- Understanding ASP.NET Memberships
- Configuring SQL To Work with Membership Schemas
- Changing Membership Settings in the Default Membership Schema
- Creating User Accounts with the Create User Wizard
- Creating User Accounts Programmatically
- Validating Users Manually
- Validating Users with the Login Control
- Adding Users to Your Membership System
- Logging Users Into Your Membership System
- Implement the Registration Verification Pattern
- Simple Web Service Authentication
- Creating Inactive Users
- SQL Injection Defense
SQL 2005
- What is a Database
- Understanding Database Tables and Records
- More about Column Data Types and Other Properties
- Designing Relational Database Tables
- Manipulating Database Data
- More Structured Query Language
- Understanding Security and Network Connectivity
- Connecting your Web Application to SQL Server 2005 Express Edition
- Using SQL Server Management Studio
- Getting Started with Reporting Services
- Building and Customizing Reports in Business Intelligence Development Studio
- Creating and Using Stored Procedures
- Enabling Full-Text Search in your Text Data
VS 2005
- Intro to Unit Testing with Team System
- Intro to Testing Web Applications with Team System
- Intro to Load Testing Web Applications with Team System
- Intro to Manual Testing with Team System
- Intro to Managing and Running Tests with Team System
- Measuring the Business Value of AJAX
- Code Coverage of Automated Tests
- Custom Extraction Rules and Coded Web Tests
- Effects of Caching
- Load Test Agent
- Effects of ViewState
- Integrate Defect Tracking with Testing
- Create My Own Bug Work Item
- Write Code More Quickly with Unit Tests
- Practice Test-Driven Development
- Load Test a Web Application
- Tune Web Application Performance with Profiling
- Set Up Distributed Load Testing for High Volume Tests
- Enforce Coding Standards with Code Analysis
- Use Generic Tests
- Publish and Analyze Test Results
- Discover Application Changes Prior to Deployment
- Implement Continuous Integration with Team Foundation
- Automate Testing using Team Build
- Deploy a Web Application during a Team Build
- Run Unit Tests against a Deployed Database
- Enable Code Coverage and Profiling in Production Applications
- Web Deployment Projects
- Web Application Projects & Web Deployment Projects
Migrating
- [Intro to ASP.NET 2.0:] ASP.NET 2.0 Fundamentals
- [Intro to ASP.NET 2.0:] User Interface Elements
- [Migrating from] Classic ASP to ASP.NET
- Intro to ASP.NET for JSP Developers: Welcome to ASP.NET 2.0
- Intro to ASP.NET for JSP Developers: Building Applications
- Intro to ASP.NET for ColdFusion Developers: Adding ASP.NET to Your Repertoire
- Intro to ASP.NET for ColdFusion Developers: Building an ASP.NET Application
- Interop between PHP and the Windows Platform
Building 2.0 Applications
- [Lesson 1:] Getting Started with Visual Web Developer Express
- [Lesson 2:] Creating a Web Forms User Interface
- [Lesson 3:] Understanding More About Events and Postback
- [Lesson 4:] Understanding Web Application State
- [Lesson 5:] Debugging and Tracing Your Website
- [Lesson 6:] Working with Stylesheets and Master Pages
- [Lesson 7:] Databinding to User Interface Controls
- [Lesson 8:] Working with the GridView and FormView
- [Lesson 9:] Securing your Web Site with Membership and Login Controls
- [Lesson 10:] Configuring, Building and Deploying a Web Site
- [Lesson 11:] Building a Quiz Engine 1
- [Lesson 12:] Building a Quiz Engine 2
- [Lesson 13:] Building a Quiz Engine 3
- [Lesson 14:] Building a Quiz Engine 4
- Watch ASP.NET Development in Action
IIS
- Developing and Deploying In a Shared Hosting
- Working with IIS7 Delegated Admin
- Feature Specific Delegated Management
- Troubleshooting Production ASP.NET Apps
- Creating a Site with IIS7 Manager
- Installing FTP7
- Bit Rate Throttling
- IIS7 Playlists
Visual Studio 2010
- Code Optimized Profile
- Code Search View Hierarchy
- IntelliSense Smart Lists
- Multi-Monitor Support
- New Web Project Template
- New Multi-Targeting
- Websites Instead of Web Projects
- Snippets IntelliSense
Ajax Control Toolkit
- Get Started with the ASP.NET AJAX Control Toolkit
- ASP.NET AJAX CascadingDropDown Control Extender
- ASP.NET AJAX TextBoxWatermark Control Extender
- ASP.NET AJAX Popup Control Extender
- ASP.NET AJAX ModalPopup Extender Control
- ASP.NET AJAX AlwaysVisible Control Extender
- ASP.NET AJAX Accordion Control
- ASP.NET AJAX Collapsable Panel Extender
- ASP.NET AJAX Draggable Panel Extender
- ASP.NET AJAX DynamicPopulate Extender
- ASP.NET AJAX FilteredTextbox Extender
- ASP.NET AJAX HoverMenu Extender
- ASP.NET AJAX ToggleButton Extender
- ASP.NET AJAX DropShadow Extender
- ASP.NET AJAX PasswordStrength Extender
- Get Started with the ASP.NET AJAX Animation Extender Control
- ASP.NET AJAX ConfirmButton Extender
- ASP.NET AJAX Slider Control
- ASP.NET AJAX AutoComplete Control
- Configure the ASP.NET AJAX Calendar Control
- ASP.NET AJAX DropDown Control
- ASP.NET AJAX MaskedEdit Controls
- ASP.NET AJAX MutuallyExclusive Checkbox Extender
- ASP.NET AJAX NoBot Control
- ASP.NET AJAX ListSearch Extender
- PagingBulletedList Extender Control
- NumericUpDown Extender Control
- ASP.NET AJAX ValidatorCallout Extender
- ASP.NET AJAX ResizableControl Extender
- ASP.NET AJAX Tabs Control
- ASP.NET AJAX SlideShow Extender
- ASP.NET AJAX UpdatePanelAnimation Extender
- AJAX Toolkit Reorder Control
- Utilize the AJAX Rating Control in the ASP.NET Toolkit
- Control Extenders
- Color Picker
- Combo Box
- Editor Control
- Editor Control Custom
- Create a New Custom Extender
ASP.NET AJAX
- Get Started with ASP.NET AJAX
- Implement Dynamic Partial-Page Updates with ASP.NET AJAX
- Make Client-Side Network Callbacks with ASP.NET AJAX
- Add ASP.NET AJAX Features to an Existing Web Application
- ASP.NET AJAX Enable an Existing Web Service
- ASP.NET AJAX Client Library Controls
- Use an ASP.NET AJAX ScriptManagerProxy
- ASP.NET AJAX RoundedCorners Extender
- ASP.NET AJAX Timer Control
- Implement the Predictive Fetch Pattern for AJAX
- Implement the AJAX Paging Pattern
- Implement the AJAX Incremental Page Display Pattern
- Implement the Incremental Page Display Pattern using HTTP GET and POST
- ASP.NET AJAX UpdateProgress Control
- ASP.NET AJAX History Control
- Implement the AJAX After Processing Pattern
- Update Multiple Regions of a Page with ASP.NET AJAX
- Choose Between Methods of AJAX Page Updates
- Use Other JavaScript User Interface Libraries with ASP.NET AJAX
- Use the ASP.NET AJAX Profile Services
- Debug ASP.NET AJAX Applications Using Visual Studio 2005
- Build a Custom ASP.NET AJAX Server Control
- Use JavaScript to Refresh an ASP.NET AJAX UpdatePanel
- Determine Whether an Asynchronous Postback has Occurred
- Use the Conditional UpdateMode of the UpdatePanel
- Implement the Persistent Communications Pattern with the UpdatePanel
- Localize an ASP.NET AJAX Application
- Implement the Persistent Communications Pattern using Web Services
- Trigger an UpdatePanel Refresh from a DropDownList Control
- Create an ASP.NET AJAX Extender from Scratch
- Build Custom Server Controls that Work With or Without ASP.NET AJAX
- Associate AJAX Client Behavior with an ASP.NET Server Control
- Retrieve Values From Server Side AJAX Controls
- Two Simple Techniques for Triggering Updates to Update Panels
- Use ASP.NET AJAX Cascading Drop Down Control to Access a Database
- Implement Infinite Data Patterns in AJAX
- Basic ASP.NET Authentication in an AJAX Enabled Application
- Dynamically Change CSS ASP.NET AJAX UpdatePanel
- Dynamically Add Controls to a Web Page
- Set Up Your Development Environment for ASP.NET 3.5
- Set Up Your Development Environment for ASP.NET 2.0
- Customize Error Handling for the ASP.NET AJAX UpdatePanel
- Use ASP.NET AJAX Client Templates
Data Access
ASP.NET Dynamic Data
- Your First Scaffold and What is Dynamic Data
- Enable Inline GridView Editing
- Change how my Fields render
- Handle Business Logic Exceptions
- Make Custom Pages
- Display Unknown datatypes
- Use a DynamicControl in ListView and DetailsView Controls
- Getting Started with Dynamic Data
- Begin Editing the Templates in ASP.NET Dynamic Data Applications
- Begin Modifying Dynamic Data Applications with URL Routing
- Enable In-Line Editing in ASP.NET Dynamic Data Applications
- Enable Table Specific Routing in Dynamic Data Applications
- Use Attribute Validation in ASP.NET Dynamic Data Applications
- Implement Custom Field Validation with Imperative Logic in VB or C#
- Remove Columns From Your DynamicData Data Grids
- Create Table Specific Custom Forms in an ASP.NET Dynamic Data Application
- ASP.NET Dynamic Data Custom Form Formatting
ASP.NET 3.5
jQuery
.NET 4
ASP.NET Web Forms vNext
- Strongly Typed Data Controls
- Model Binding Part 1 - Selecting Data
- Model Binding Part 2 - Filtering
- Model Binding Part 3 - Updating
- ASP.NET 4.5 Web Forms Model Binding
- ASP.NET 4.5 Web Forms Strong Typed Data Controls
ASP.NET vNext
- Bundling and Minification
- Getting Started with the Next Version of ASP.NET
- ASP.NET and Web Tools 2012.2
Visual Studio vNext
- HTML Editor Smart Tasks and Event Handler Generation
- CSS Editor Hierarchical Indentation
- CSS Editor Snippets
- CSS Editor Color Picker
- Page Inspector - Introduction
- Page Inspector - Decomposing your Web Application
Comments (0) RSS Feed