Archive for the ‘Sub-Post’ Category

Posted by Abhilash

The following code shows how to encrypt sensitive values such as passwords in ASP.NET.

Categories: Sub-Post, Uncategorized
Posted by Abhilash

The HtmlEncode() method can be used when displaying text directly inside HTML tags using block:

Categories: Sub-Post, Uncategorized
Posted by Abhilash

The following code shows how to protect sensitive values such as passwords by encrypting them and then adding a salt.

Categories: Sub-Post, Uncategorized
Posted by Abhilash

In Spring MVC, form tags are used to create JSP pages. Spring MVC provides multiple options to encode HTML escape sequences on the server side. Add to the web.xml file to apply the filter globally: At page level, it is defined as a tag declaration. The code is:

Categories: Sub-Post, Uncategorized
Posted by Abhilash

Use when the parameter is being echoed: Use while taking the user input:

Posted by Abhilash

Websites often accept user input for the application to display on the screen. If the application is not careful enough with its treatment of user (attacker) input, it is possible for an attacker to inject malicious data, which when displayed on the screen can execute HTML or JavaScript code in the user’s browser. This vulnerability allows an attacker to either permanently or temporarily inject client-side code into the target website. This code executes when the page is loaded by the [...]

Categories: Sub-Post, Uncategorized
Posted by Abhilash

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples of how to fix SQL Injection vulnerabilities in various programming languages. An SQL Injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can execute Read / Write / Delete / Update queries in your database. In addition to this he can also [...]