Safely Test a JavaScript Change Without Touching the Server–A Huge Time Saver

The fastest bug fixes are the ones you can make and test right on the spot.  However, many times access to the web server in order to update JavaScript files is not possible, convenient, or is potentially dangerous (affects all users if your fix fails miserably).  Fortunately, there is a way to test a fix…

0

Additional Considerations When Using ASP.Net MVC Cross-site Request Forgery Prevention

Although cross-site scripting (XSS) attacks get most of the web security press, cross-site request forgery (CSRF) is often much easier for an attacker to exploit.  Fortunately, ASP.Net MVC provides helpers to prevent these attacks.  Steven Sanderson has an excellent post describing CSRF and how ASP.Net MVC’s AntiForgeryToken helper prevents CSRF. Unfortunately, security measures have a…

0