A controlled and centralized web framework can offer many advantages related to security to the web applications. In ASP.NET application development, it needs to be backed up with the page-specific security measures to ensure proper data validation. Here are some guidelines on employing proper data validation:
> Avoid the database write actions against the URL parameters
> Ensure that every POST action is actually done from an internal application page
> All the possible exceptions should send only user-friendly messages to the browser
> Any webpage displaying data on the browser that cannot be guaranteed to be safe should be encoded using the server.htmlencode. This will certainly prevent any malicious cross-site scripting attacks
> All the web pages should enforce strict data validation on any piece of data
> Consider the regular expressions as a great way to constrain input in ASP.NET
Thus, these were the basic guidelines to for effective implementation of data validation for ASP.NET programmers.
At SPEC INDIA, our trained team of ASP.NET developers is eager to take care of any custom requirement from our probable Clients and prospects from all over the globe. If you have any requirement or queries, feel free to drop an email at our id lead@spec-india.com, we will be happy to assist you.
No comments:
Post a Comment