Chapter 3: Input Validation

– What is Input?
– The Need for Input Validation
  – The Data/Control Channel Problem
    – SQL Injection, Cross Site Scripting, Directory Traversal
– Input Validation Techniques
  – Black Listing
  – White Listing
    – Data Type Conversion
    – Regular Expressions
    – XML Validation
    – Resource Access
– Mitigation Techniques
  – Output Encoding (Encoding Contexts and Encoding Controls)
  – Sandboxing
  – Integrity Checking
– Validation in ASP.NET Applications
  – Automatic Validation Services
    – Request Validation
    – ViewState Validation (+ Replay Protection)
    – Event Validation
      – Building Custom Controls with EventValidation Support
    – Header Checking
  – Form Validation
    – Manual Validation
    – Validation Controls
  – Building a Custom Validation Control

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s