XSS Detect is a code-analysis tool proposed, as suggested by its name, for reveal of XSS vulnerabilities in web-applications. It's developed by MS ACE Team and could be downloaded here: XSS Detect The problem is that out of the box it works in VS 2005 only. Here is how to enable it in Visual Studio 2008:
|
Thursday, August 28, 2008
Enable XSS Detect in VS 2008
Preventing XSS in server code in .aspx files using AntiXss
Preventing XSS in server code in .aspx files using AntiXss: _someID=       <%=Microsoft.Security.Application.AntiXss.HtmlEncode(Request.Form["someID"])%> Note that you need to specify fully qualified assembly name for the AntiXss. |
Sunday, August 24, 2008
Monday, August 04, 2008
Viewing log4net files in notepad++
If you're a frequent user of notepad++ and log4net - here is a nice trick I've discovered, that brings a synergism between two. As you know - notepad++ has an option to highlight syntax for subset of supported languages. It is either applied automatically, based on the file extension or could be chosen manually from the Language menu. |
Subscribe to:
Posts (Atom)