This is part -3 of my series Secure your Asp.Net Applications. In this article, I will describe what exactly Cross Site Request Forgery (CSRF) is and how hacker exploit it and how we can prevent from CSRF attack.
You can read my previous article of this series from :
cross site request forgery is also known as one click attack, sea surf and session riding andabbreviated as CSRF. CSRF attack is kind of secuirty exploit attack in which attacker uses the authentication of the victim on victim's browser.
MVC4Bootstrap3Sample is an Asp.NET MVC4 project using Bootstrap3 as its theme. To use it download the project file from my Github repository and open the solution in Visual Studio.NET 2012. This repository's bootstrap3 is not added by using Nuget.
I have studied these tips and tricks from many websites and blogs then tried them on my applications , authenticated those tips and tricks myself and completed this presentation .Although points i have mentioned are just suggestions not the benchmarks .
This is part -2 of my series Secure your Asp.Net Applications. In this article, I will describe what exactly Cross site scripting (XSS) is and how hacker exploit it and how we can prevent from XSS attack.
For part-1 of this series you can check from HERE which is Secure your asp.net application from SQL Injection.
Cross-Site Scripting -
Ahhhh a developer never wants to get hacked his own web application .but intruder , malicious persons are more than developers , and i used to be one of them and then turned into a developer .as i have walk in both the shoes , so i have decided to write a series of articles which will definitely help to hack proofing a web application . A developer should always concerned about hack attempts in their applications ,and its a developer duty as well .lots of online tools , spoofing tools , sniffers tool etc are available on the internet .so even a normal internet user can turned into a hacker . i hope everybody knows the consequences of being hacked , so by not describing them , i better do write my article. lets gets start understanding of some hacks and how a developer can prevent them .in this first article i will start by sql injections.
Recently i have used bootstrap as UI framework for my projects . i find one issue , it was giving dotted lines around my text-boxes on Firefox-5 and IE-8. it looks ugly and many people on web already searched the solution . 1). To fix this quickly for text-boxes, you will have to change a bit in bootstrap.css .Findinput[type="text"]:focus in your bootsrap.css and the you will get this string somewhere below in the bootsrap.css i.e outline : thin dotted \9 . remove just this line and you are done for the text-boxes .
This is a personal Blog. Articles , Tips and Code expressed here represent my own and not those of my employer.I have documented my personal experience on this blog.I will not be liable for any losses, injuries, or damages from the display or use of this information.