Sign In
Home
Recent
Media
Videos
Podcasts
Screencasts
Shows
ARCast with Ron Jacobs
ARCast.TV
Behind The Code
See All Shows...
Forums
Coffeehouse
Tech Off
Feedback
Sandbox
Key Topics
Visual Studio
Continuum
Wiki
Search
About
Subscribe
crosssitescriptinglab
Cancel
Save
Edit
Return to
HomePage
Cross-Site Scripting Lab Modules
The cross-site scripting lab modules show you how to protect from cross-site scripting issues.
Contents
* Objectives
* Video
* Lab
* Recommended Guidance
* Feedback
Objectives
* Recognize cross-site scripting vulnerabilities.
* Encode untrusted output with
HtmlEncode.
* Validate input with a regular expression.
* Use ASP.NET’s built-in cross-site scripting protection mechanism.
Video
The video is a small wmv file download:
*
Video Demonstration
Cross Site Scripting
Lab
The lab is small zip that you need to extract to see the example code:
*
Lab Project Files
CrossSiteScriptingLab.zip
Recommended Guidance
*
How To: Prevent Cross-Site Scripting in ASP.NET
*
How To: Protect From Injection Attacks in ASP.NET
*
How To: Use Regular Expressions to Constrain Input in ASP.NET
*
Design Guidelines for Secure Web Applications
(See "Input Validation" section)
*
Architecture and Design Review for Security
(See "Input Validation" section)
*
Security Guidelines: ASP.NET 2.0
(See "Input and Data Validation" section)
Feedback
* Send mail to labmods at microsoft.com
Return to
HomePage
Return to %5bHomePage%5d ---- %21%21%21 Cross-Site Scripting Lab Modules The cross-site scripting lab modules show you how to protect from cross-site scripting issues. %21%21%21 Contents * Objectives * Video * Lab * Recommended Guidance * Feedback %21%21%21 Objectives * Recognize cross-site scripting vulnerabilities. * Encode untrusted output with %5bHtmlEncode.%5d * Validate input with a regular expression. * Use ASP.NET’s built-in cross-site scripting protection mechanism. %21%21%21 Video The video is a small wmv file download%3a * *Video Demonstration* %5burl%3aCross Site Scripting%7chttp%3a//mylabs.members.winisp.net/videos/crosssitescripting.wmv%5d %21%21%21 Lab The lab is small zip that you need to extract to see the example code%3a * *Lab Project Files* %5burl%3aCrossSiteScriptingLab.zip%7chttp%3a//mylabs.members.winisp.net/labs/CrossSiteScripting.zip%5d %21%21%21 Recommended Guidance * %5burl%3aHow To%3a Prevent Cross-Site Scripting in ASP.NET%7chttp%3a//msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000004.asp%5d * %5burl%3aHow To%3a Protect From Injection Attacks in ASP.NET%7chttp%3a//msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000003.asp%5d * %5burl%3aHow To%3a Use Regular Expressions to Constrain Input in ASP.NET%7chttp%3a//msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000001.asp%5d * %5burl%3aDesign Guidelines for Secure Web Applications%7chttp%3a//msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh04.asp%5d %28See %22Input Validation%22 section%29 * %5burl%3aArchitecture and Design Review for Security%7chttp%3a//msdn.microsoft.com/library/en-us/dnnetsec/html/THCMCh05.asp%5d %28See %22Input Validation%22 section%29 * %5burl%3aSecurity Guidelines%3a ASP.NET 2.0%7chttp%3a//msdn.microsoft.com/library/en-us/dnpag2/html/PAGGuidelines0001.asp%5d %28See %22Input and Data Validation%22 section%29 %21%21%21 Feedback * Send mail to labmods at microsoft.com ---- Return to %5bHomePage%5d
HTML
Preview
Cancel
Save
Edit
Delete
Edit
Comment on Post
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Reply
In reply to {0}
Download:
[Pending]
Delete
Edit
Comment on Post
Be the first to comment!
Reply
Reply to root
In reply to {0}
Start related discussion
Forum:
PDC Talk
Site Feedback
Tech Off
The 9 Guy Around The World
The Coffeehouse
Subject:
Design
HTML
Preview
Tags
*Loading available tags
�
Separate tags using commas like this: Xbox, Windows Vista, Gaming
(view existing tags)
File:
[No File]
Add File
Remove
Cancel
Attach one file of type: Zip, PDF, XPS, Office Document (.doc, .docx, etc.), Image (PNG, JPG, GIF)
Cancel
Saving...
History
Modified By:
System
Apr 30th @ 11:12 AM
Views (79)
Share
Del.icio.us
Digg
FriendFeed
Facebook
Markup Quick Guide
*bold*
_italics_
+underline+
! Heading 1
!! Heading 2
* Bullet List
** Bullet List 2
# Number List
## Number List 2
[another wiki page]
[url:http://www.example.com]
[image:example.gif]
{"Do not apply formatting"}