In a Text field whatever I will enter after less than "<" symbol will disappear.
So I am just replacing this symbol with a space, please let me know if there is any other desired output we need here.
View Complete Post
Fault injection testing is the process of deliberately inserting an error into an application to determine whether it deals with the error properly. We'll explain how you can introduce faults into .NET applications at run time using the Managed Code Fault Injection APIs of the TestApi library
MSDN Magazine August 2010
This article discusses how to write a library or framework that uses the Dependency Injection pattern and how the change in focus affects the usage of the pattern.
MSDN Magazine November 2009
Using the PIAB you can enhance WCF services with policies such as validation, performance monitoring, authorization and caching without having to change a line of code.
Hugh Ang and David San Filippo
MSDN Magazine February 2008
Today there is a greater focus than ever on reusing existing components and wiring together disparate components to form a cohesive architecture. But this wiring can quickly become a daunting task because as application size and complexity increase, so do dependencies.
MSDN Magazine September 2005
To execute a SQL injection attack, a hacker writes a Web page that captures text in a textbox to be used to execute a query against a database. The hacker enters a malformed SQL statement into the textbox that causes the back-end database to perform operations the owners did not intend it to perform, like making unauthorized updates. This article explains how you can protect against the all too common SQL injection attack in your own database. The steps covered include data validation, proper exception handing, and much more.
MSDN Magazine September 2004
I saw last week that an unknown script was aapended to one or more columns of every row in some sertain tables. I removed that script but it re-appeared once again. The script looks something like this (PLEASE DO NOT CLICK ON THIS LINK....I DON'T KNOW WHAT IT WILL DO)</title><script src="http://google-stats50 . info /ur. php>".
When the script reappeared, it may appear with different link (PLEASE DO NOT CLICK ON LINKS BELOW)
1) </title><script src="http:// google-stats49 . info /ur. php>"
2) </title><script src="http:// google-stats48 . info /ur. php>"
3) </title><script src="http:// google-stats47 . info /ur. php>"
4) </title><a style=display:none; href=http:// worid - of - books . com >book</a>
To prevent these scripts to re-appear, I took the following steps:
a) Encrypting the sensitive information in the Web.config file
b) Making the IFRAME element secure by applying the attribute security="restricted"
I want to know how to avoid sql injection in asp.net webforms??
if something is there like (select empid from emp where empid=textbox1.text) here the attacker can easily attack on the database,then how to write this same code to maintain security should we use query strings?? help me with this,thanks.
I'm currently writing a webapp in MVC where I need to have a Request ID number for each submission that users send in. I originally wrote the class using a Singleton pattern which would contain "private static List<Request>" and then public accessor methods allow the list to be manipulated, updated, etc. -- So when hitting a new request page, the user would be assigned a new unique request ID and this would ID would be stored in the List<Request> of the Singleton with status, etc. and stay with them until they close the window or complete the request. So it would be a unique request number, but also give me a unique way of controlling the session and preventing double submissions or re-submissions of the same request.
I thought that this was brilliant until it was explained to me on StackOverflow that each page request is started in its own process and runs to completion and then the process dies, and the singleton with it. So with each new page request starts a new process with no knowledge of the previous singleton that was in memory.
The smart solution would be to store this in a DB, but unfortunately, I have none immediately available to me at the moment, so I'm storing the very last Request ID number in web.config. It's a hack, I realize...
So because of the way MVC works, it seems that Singleton and Static Clas