We all know that most of the nowadays internet users could be tracked – that is not a secret, and honesty of Edward Snowden has supported that already several times. While some of us hide all their data in a panic and others rejoice that they are not registered in social networks, and far-sighted people are looking for safe ways to communicate with their friends – Big Brother is not sleeping and trying to track us.
Tag: security
AngularJS and AntiForgeryToken in ASP.NET MVC
In my previous article, we have implemented form validation including username availability Check with AngularJS. Now we will use ASP.NET MVC’s AntiForgeryToken to prevent Cross-Site Request Forgery (CSRF) Attacks. It generates a hidden form field (anti-forgery token) that is validated when the form is submitted. I see some tutorials, but I want to do in AngularJS way.
WYSIWYG Html Editor and XSS Attack Prevention
In my previous post, we implemented CRUD operations with HTML WYSIWYG editor and allowed user to enter html code for formatting. Now the next step is to validate html input to prevent XSS. One way is to use AntiXss library, but the newer version breaks everything and has compatibility issues, so not reliable. Here is the white-list approach where you can allow specific html tags and other tags will be html encoded based on this discussion(Archive Version).
Implementing Role Based Menu in ASP.NET MVC 4
In my previous post, I explained how to implement custom role provider, authorization and role based navigation on successful login in asp.net mvc 4. In this post, We’ll implement role based menu.
Custom RoleProvider, Authorization, EF DB First and ASP.NET MVC
It’s a step by step tutorial to implement custom role provider and authorization in ASP.NET MVC 4.0 with EF 4.x DB First approach.