Articles : Page 1 of 1
-
6 Ways To Avoid Mass Assignment in ASP.NET MVC
Mar 1212One of the scenarios that I always demonstrate during an ASP.NET MVC class is how to create a mass assignment vulnerability and then execute an over-posting attack. It is a mass assignment vulnerability that led to a severe problem on github last week. Let's say you have the following model. public class User { public string FirstName { get; set; } public bool IsAdmin { get; set; } } When you want to let a regular user change their first name, you give them the following form. @usin...
-
RFC: Web Platform Installer (WebPI) with an offline feed mode for bandwidth savings
Sep 1124My wife is in the Kingdom of Swaziland this evening. If she was a developer over there and wanted to use Web Platform Installer to get Visual Studio or some large download she would have to patiently bring the bits down over 3G. If she was very well off, she might have ASDL with a maximum speed of 512kbps down, most likely with a cap. I've talked about limited connectivity in African countries and other nations (*cough* New Zealand *cough*) before on this blog and it's no fun. I've told the w...
- 1
