Web Forms :: ValidateInput And Web Services

Apr 30, 2010

I have a website which sometimes collects data from users via text boxes, and stores the data for later display.The .aspx site uses standard out-of-the-box asp.net Request Validation to stop cross-site scripting attacks.I now want to give certain users the option of populating the data via a web service rather than a web page.So I am creating an .asmx web service.1)Am I correct in thinking that in .net 3.5, data coming in to a .asmx web service is completely unprotected off-the-shelf from cross-site scripting attacks, and has to be treated with caution and html-encoded and inspected

View 1 Replies


Similar Messages:

MVC :: Getting Safe With ValidateInput As False?

Feb 21, 2011

I want to store certain html tags in my database to the layout of content, for example <h3> and <p> tags. The problem is with ValidateInput set to True, you get "Potential Danger error" when you try sending content with html tags.

With it set to False, you open yourself to all sorts of potential dangers. So Here is what I'm wanting to achieve:

I hope you like the image ! lol I spent 10 minutes in Photoshop to create it.

So eventhing that goes in, I want as encoded, but when I get content back, I want to decode only the <h3> and <p> tags. ! What do you think of my solution ? Bad, Good ?

View 16 Replies

MVC :: Handle HttpRequestValidationException Without Turning Off ValidateInput?

Mar 18, 2011

Is there a way I can handle HttpRequestValidationException without turning off ValidateInput?

What I really want is all HTML posted from a form to be automatically encoded in the model unless a particular property has the AllowHtml attribute set.

If I have to turn off ValidateInput, then what happens to the rest of my model validation? Will it still be validated or do I need to explicitally check ModelState.IsValid?

I'm also catching the exception in a custom model binder class but every time I try to access the offending property from Request.Form, the exception gets thrown. Is there a way to get that value in the model binder?

View 2 Replies

Web Forms :: How To Find All The Web Services And Windows Services Running On A Server

Feb 4, 2011

How to Find All the Web Services and Windows Services Running on a Server in ASP.Net. I have the server details with me and want to find all the Web services running on it.

View 1 Replies

Configuration :: Deploy Window Services And WCF Services Using Web Package?

Apr 3, 2010

I am using Visual Studio 2010 Release candidate1. I have to deploy my web application which consists of a website, certain window services, certain WCF services and Sql Server 2005 database.I read Vishal Joshi's blog(http://vishaljoshi.blogspot.com/2009/09/overview-post-for-web-deployment-in-vs.html) detaing Web Package in VS2010. I want to know how to deploy window services and WCF services using Web Package. Also, I want to create a web setup (.msi) for deployment instead of Web Package so that the .msi takes care of all the application and database deployment like the web package does.

View 1 Replies

Installation :: State Services Not Found In Services.msc?

Jul 20, 2010

I installed vs2010 in my machine and opened solution (of same version copied from other machine).

But getting stateservices error message..Moreover i am unable to find asp.net services in the list of services under serives.msc.

View 2 Replies

Search Text Box Using Web Services & Without Using Web Services In .net?

Mar 4, 2010

I am using HTML controls while using Ajax in my .net project. Now I want to make my text box to be autocomplete. I am fetching a data using a query for the respective typed text but i am not sure how to bind that data to text box and show it the way it is being displayed in google and other famous sites. I would also love to know the way using web services. Which way is more efficient?

View 1 Replies

Together With WCF RIA Services Or WCF Data Services

Jul 12, 2010

Makes it sense to use ASP.NET applications together with WCF RIA Services or WCF Data Services (to encapsulate the data access layer) ? Or are these technolgies only useful for Silverlight applications.

View 1 Replies

Web Forms :: How To Keep A Lot Of Data From A Web Services

Oct 16, 2010

I've built an asp net vb galery to see photo but i tink i've done too much call because I call every time in a updatepanel

the principal photo and the before and after photo, the title and the description .. after few time the sql server go down ... I tought to use an

web services but I don't know how keep a lot of data from a web services ...

There is other way to build one web gallery using the db I've already done ?

View 1 Replies

Web Forms :: Session In Windows Services?

Feb 28, 2010

how to maintain session id in windows services in c#.net ,please help me regarding this issue.

View 2 Replies

Configuration :: Web App Forms Authentication Vs Sharepoint Services

Apr 22, 2010

I am having difficulty getting an asp.net web application to run on a new server. This same app has been deployed to at least a dozen other servers without issue. The x-factor seems to be that Sharepoint Services (WSS 2.0) is present on the new machine.

The app is configured to use Forms Authentication with a redirect to a specified login page, the first symptom is that no attempt is apparently made to redirect new requests, requests proceed directly and then error out when that page attempts to look at the HttpContext.Current.User.Identity.Name.

Second, when navigating directly to the Login.aspx page, the login and authentication check appear to proceed normally, but again HttpContext.Current.User.Identity.Name is blank where is should now have the users login name, and an application error occurs. I have confirmed that the same code on other servers behaves as expected (the Name is set at this point). IIS virtual directory settings are identical as well.

It would seem that something is interfereing with the normal Forms Authentication processes and that something appears to be Sharepoint. We have already listed the web app's path as excluded in the Sharepoint Admin section. Is there something else that needs to be done?

View 2 Replies

Web Forms :: Calling Web Services Asynchronously In Page_Load Event?

May 31, 2010

I'm working on a web application using VB.NET. In page load event am calling a remote web service which take time to bring the data. During this process none of the other contents on page are shown(render).

I want to call this remote web service asynchronously so that other data of page is displayed and web service data will be displayed when its available.

View 1 Replies

Web Forms :: Custom SiteMap Provider From A Database Over WCF Services?

Mar 21, 2010

I have seen a lot of examples posted on how to create a Custom SiteMap Provider which is directly linked to the Business Logic in the Presentation Layer, however, I would like to write a Custom SiteMap Provider which inherits from StaticSiteMapProvider and
is driven by the database. In addition, I would like to expose all of this logic behind WCF Services.

Are there any samples on how to implement a Custom SiteMap Provider over WCF Services since I am having a hard time trying to figure out exactly how to put a solution following this architectural pattern together.

View 1 Replies

Web Forms :: Create Secure And Fast Emailing Services?

Oct 6, 2010

want to create Secure and Fast email service with chat tool like gtalk. i have email server. Please let me know how to create this. if any of you are interested to help me to create such application please ask me. I will accept his perposal with open heart. But before tell me how i can start or what i should do to make ground for that project.

View 2 Replies

Web Forms :: Print Layout Button In MS Reporting Services?

May 21, 2012

in ms reporting services how & where do i get Print Layout button 

so that all the 3 columns of my report can be viisble

as currently inspite of layout having 3 columns only one column is displayed

View 1 Replies

Forms Data Controls :: Can Use A DetailsView Control To Insert And Update With RIA Services

Oct 3, 2010

I'm struggling with trying to use RIA services from an ASP.NET web site.I created a new web site, added an entity framework model, then added a RIA service that uses that model. I used the DomainDataSource control to bind the ASP.NET controls to the RIA service

View 2 Replies

Membership Services Is Separate From Session / Forms Auth Token Is Still Hanging Around In The Browser

Feb 9, 2010

In our application, we have a need for a user to "impersonate" a different user. Think of it as a hierarchy -- Bob is above Frank in a hierarchy. Bob is logged in, and he needs to do things in the system for a short time as Frank. So, we have given Bob a list of users that report to him, and an impersonate link. He clicks on this link, and, behind the scenes, I log Bob out, and log in as Frank. I also set a session variable that tells me that really Bob is they guy who is the user. Also, Bob (acting as Frank now) has a nice little link at the top of every page that says "Stop Impersonation."

In addition, when Bob is impersonating Frank, Bob is restricted from doing some things, like changing Frank's password.

This was working great, until we encountered a situation where, if the session (I think -- getting confused here) gets destroyed (such as when I copy up new code and dlls to the live site), then when Bob clicks on "Stop Impersonation" he gets redirected to the default page, and is still logged in as Frank, but without the Impersonation session variable. So, now Bob really is logged in as Frank, and can change Frank's password (among other things).

How is it that a session variable (Impersonation) gets destroyed, but I guess the session is still hanging around, because it doesn't make the user log in again?

This is a somewhat serious bug for how our system works (bug in our code, I'm sure, not in .Net). We are using ASP.Net c#, aspnet membership services, .net 3.5, forms auth...not sure what else you need to know.

EDIT: Updated information. Looks like when "something" happens, for instance, when I recompile some dlls and copy them to the webserver, the session gets dumped. Or, rather, the variables in the session get dumped. The session id stays the same. I do get to check for Session.IsNewSession and it returns true, even though the id is the same as it was before.

Just like Utaal mentioned, Membership Services is separate from Session, so it's forms auth token is still hanging around in the browser, but my session variable telling me that that isn't really the user who is controlling the browser isn't there anymore.

EDIT: Sky, here is what I'm doing to authenticate a user. I can't figure out where I would insert a ticket into this flow:

if (Membership.ValidateUser(txtUserName.Text, txtPassword.Text))
FormsAuthentication.SetAuthCookie(txtUserName.Text, false);

View 2 Replies

Web Forms :: MS Reporting Services - Report When Generated By Default Should Be Of Current Month And Year

Mar 13, 2012

ReportViewer1.LocalReport.ReportPath = Server.MapPath("reports/DETAILS.rdlc"); 
ReportDataSource rdS = new ReportDataSource("PERSONAL",
GetData()); ReportViewer1.LocalReport.DataSources.Clear(); 
ReportViewer1.LocalReport.DataSources.Add(rdS); 
ReportParameter rp = new ReportParameter("Year", ListYear.SelectedValue); 
ReportViewer1.LocalReport.SetParameters(new ReportParameter[] { rp });

I have a listbox with year  and another with month

I need that the report when generated by default shld be of current month & year

when the users selects the month or and year from the listbox i shld get the reposrt accordingly

I get error when passing parameters

I tried using even server report instead of local

When using local i get report path not set ....

View 1 Replies

IIS Version For WCF Services?

Mar 8, 2010

Which IIS Lowest Version Can be Use For Creating WCF web Services. and Which IIS Version is most suitable for working in WCF

View 2 Replies

Using MVC 2 Credentials To Log Into Other Services

Nov 15, 2010

Here is my scenario -

1/ I have an ASP.NET MVC application running on my server, it uses Windows Authentication.

2/ There is different web application (written in Java) somewhere else that also uses Windows Authentication.

In the Controller of my MVC application I need to grab some information from this other Web app. How can I connect to the "foreign" application using the credentials of the user that is accessing my Controller?

View 1 Replies

Use With Together With WCF Data Services Or WCF Data Services

Jun 21, 2010

Makes it sense to use ASP.NET togehter with WCF RIA Services or WCF Data Services ? Or are these technologies/frameworks only proper for Silverlight primarily ?

View 1 Replies

How To Build Web Services In .net

Jan 30, 2010

some books for a beginner to build Web services in .NET?

View 3 Replies

Book To Know More About XML Web Services

Jan 9, 2010

am involved in a project with UI comprising mainly of Action Script.
My role as an ASP.NET programmer is to pull data from DB using Web Services and
supply it as XML to the Action Script.if I could learn more about XML Web Services in ASP.NET.

View 1 Replies

Application_Start In WCF Web Services App?

Nov 12, 2010

The Application_Start method in Global.asax.cs was being called in my WCF web services application when it was running under ASP.NET 2.

It has been recompiled with the .NET 4 framework and it now runs under ASP.NET 4. However, that method is not ever being called.

View 1 Replies

How To Wrap Dll To Web Services

Jan 25, 2011

I am facing the situation in which i have to expose a dll (managed) through web services. Basically make everything from dll accessible to other applications through web services. The dll is a third party and i cannot give any other info on it , but my problem would not depend on this details.

I am looking for the latest best practices (latest tech) approach on how to start this. One thing i have been documented over was Web Service Software Factory, but i do not know how good would this approach be for my situation, and i would welcome some ideas based on experience ofc. The top things i liked and need in my project about the WS Factory were : SOAP faults handling , Entity Translator , Versioning (covering both forward and backward compatibility).

View 1 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved