crosssitescriptinglab | Channel 9

Sign In

Subscribe

Return to HomePage

Cross-Site Scripting Lab Modules

The cross-site scripting lab modules show you how to protect from cross-site scripting issues.

Contents

* Objectives
* Video
* Lab
* Recommended Guidance
* Feedback

Objectives

* Recognize cross-site scripting vulnerabilities.
* Encode untrusted output with HtmlEncode.
* Validate input with a regular expression.
* Use ASP.NET’s built-in cross-site scripting protection mechanism.

Video

The video is a small wmv file download:
* Video Demonstration Cross Site Scripting

Lab

The lab is small zip that you need to extract to see the example code:
* Lab Project Files CrossSiteScriptingLab.zip

Recommended Guidance

* How To: Prevent Cross-Site Scripting in ASP.NET
* How To: Protect From Injection Attacks in ASP.NET
* How To: Use Regular Expressions to Constrain Input in ASP.NET
* Design Guidelines for Secure Web Applications (See "Input Validation" section)
* Architecture and Design Review for Security (See "Input Validation" section)
* Security Guidelines: ASP.NET 2.0 (See "Input and Data Validation" section)

Feedback

* Send mail to labmods at microsoft.com

Return to HomePage

- History
  
  Modified By: System
  
  Apr 30th, 2008 @ 11:12 AM
  
  Views (245)
- Share
  - Del.icio.us
  - Digg
  - FriendFeed
  - Facebook
Markup Quick Guide

*bold*

_italics_

+underline+

! Heading 1

!! Heading 2

* Bullet List

** Bullet List 2

# Number List

## Number List 2

[another wiki page]

[url:http://www.example.com]

[image:example.gif]

{"Do not apply formatting"}

ASP.NET: Script# Update - v0.5.5.0
Channel 10: Difference between DirectX 10 and DirectX 11
Channel 10: WHS Power Pack 3 Arrives
Channel 10: ASUS Brings GUI to BIOS
ASP.NET: Microsoft AJAX CDN – Now with SSL Support
Channel 9: TWC9: XAML tools, Silverlight for Live Writer, Surface SDK,
ASP.NET: PDC09 Talk: Building Amazing Business Applications with Silverlight 4, RIA Services and Visual Studio 2010 – Now in Visual Basic!!
Channel 9: C9 Conversations: Brian Beckman on Complexity [C9 Conversations: Brian Beckman on Complexity]
Channel 10: Black Friday Deals on Windows 7 Machines
Channel 10: Holiday Shopping on Bing Cashback = Big Online Savings
Channel 10: Black Friday Deals at the Microsoft Store
Channel 10: Incredible Black Friday Deal: Windows 7 Notebook for $197
ASP.NET: Presenting in Europe Next Week
TechNet Edge: AlignIT IT Manager Podcast #30 - Straight Talk about Windows 7
WindowsClient: You know your post rate has gone down...
Silverlight: Geek Profiles – Scott Guthrie
Channel 9: C9 Lectures: Dr. Erik Meijer - Functional Programming Fundamentals Chapter 9 of 13
TechNet Edge: Managing Your Virtual World - Tech Focus November 2009 Part 2
ASP.NET: Silverlight and RIA Services: Implementing Search
Channel 9: C9 Lectures: Brian Beckman - Covariance and Contravariance in Physics 1 of 1
close

Microsoft Communities