[WEB SECURITY] ASP.NET 3.5 Request Validation

Michael S. Menefee mmenefee at securesolve.com
Sat Jun 14 10:29:14 EDT 2008


That covers the differences between 1.0 and 2.0, but I havent been able
to find anything on the topic for v3.5. I assume they have made
improvements, but that may be a stretch...
 

________________________________

From: Eric Rachner [mailto:eric at rachner.us] 
Sent: Saturday, June 14, 2008 1:11 AM
To: Michael S. Menefee; websecurity at webappsec.org
Subject: RE: [WEB SECURITY] ASP.NET 3.5 Request Validation



Check out Mike Eddington's blog post on the subject @
http://phed.org/2008/04/23/aspnet-20-dumbs-down-request-validation/

 

You can also just decompile the binary yourself using a utility such as
.NET Reflector <http://www.aisto.com/roeder/dotnet/> .

 

From: Michael S. Menefee [mailto:mmenefee at securesolve.com] 
Sent: Friday, June 13, 2008 12:45 PM
To: websecurity at webappsec.org
Subject: [WEB SECURITY] ASP.NET 3.5 Request Validation

 

Can anyone point me in the direction of any documentation on ASP.NET
3.5's request validation? I'm curious how it has changed since v2

 

Thanks!

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20080614/68078719/attachment.html>


More information about the websecurity mailing list