Securing ASP.NET MVC Application Checklist

后端未结

关注

 4  1384

轻奢々 2021-02-02 03:14

I am looking for a set of guidelines or a checklist that you can go over for securing a public ASP.NET MVC Website. I just want to make sure that I am not making any of the obvi

4条回答

自闭症患者 (楼主)

2021-02-02 04:12
I kinda do the following;
1. Seperate my concerns. Admin in admin folder etc.
2. [Authorize] on all actions that require you to be logged in.
3. Html.Encode all data entry fields.
4. ActionResult Create([Bind(Prefix = "", Exclude = "id")]MyModel newModelObject) <== exclude id's that can be used in an attack
Other than that...
0 讨论(0)

查看其它4个回答
发布评论:

提交评论
- 加载中...