asp.net 1.1 provides auto-protection from scripting attacks

dotNET

Did you know that ASP.NET v1.1 automatically checks for possible scripting attacks when users enter info into you forms? I didn’t! I learned it in my prep for my DevDays session.

So this:

(with Errors =”Off” in web.config) results in this: (click to enlarge)

This protection is on by default. It is controlled in a few places. See this article on Microsoft’s ASP.NET site for more details.

  Sign up for my newsletter so you don't miss my conference & Pluralsight course announcements!  

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.