Asp.net - Is There Java Counterpart For 4's <%: %> XSS Prevention

Apr 9, 2010

I'm developer moving from C# to Java. Heard about new ASP net feature. <%: %>. It renders object with html encoding. Only these impolementing IHtmlString interface are not encoded (to prevent double encoding).See more in http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx

View 2 Replies


Similar Messages:

C# - Java Counterpart Of Data Access Tutorials

Dec 7, 2010

I am relatively new in Java technologies. I want to know the best frameworks and which to consider when I am making a similar web application just like in the ASP.NET Data Access Tutorials. My backend is MySQL. And my criteria from being 'similar' is ease of use and application extensibility and maintainability.

View 2 Replies

C# - Why Isn't ValidateRequest True Enough For XSS Prevention

Apr 1, 2010

In the notes for Step 1 in the "How To: Prevent Cross-Site Scripting in ASP.NET" it is stated that you should "not rely on ASP.NET request validation. Treat it as an extra precautionary measure in addition to your own input validation."

View 2 Replies

C# - Javascript Injection Attack Prevention For Textboxes?

Nov 26, 2010

I have a textBox and a property to get and set its value:

public SomeText
{
get { return HttpUtility.HtmlEncode(textBox.Text); }
set { textBox.Text = HttpUtility.HtmlEncode(value); }
}

I have used HtmlEncode to prevent Javascript injection attacks. After thinking about it though I'm thinking I only need the HtmlEncode on the getter. The setter is only used by the system and can not be accessed by an external user.

View 2 Replies

Asp.net - Client Validation That Acts The Same As Page Validator/XSS Prevention?

Feb 9, 2011

I've got a free text form for people to submit feedback/support requests. ccasionally people will past in a support ticket or error log that contains something that triggers the .NET page validator as an XSS attempt. This takes the user to the error page as if the site choked on their input.Preferably, I'd rather have the page do some client-side validation when they press the save button before it's actually submitted.Is there a regex or some method I can hook into that would do the same basic check on the client side, or will I just have to write a regex that disallows certain characters all together like < and >?

View 1 Replies

SQL Server :: Create A 2005 New Login For SQL Injection Prevention

Sep 1, 2010

Our database affected with SQL Injection. so We need to create a sql server 2005 new login for SQL Injection prevention. User can perform, access tables with select, update and delete queryaccess views, functions and stored proc perform cursor. what are the permissions given for that login account?

View 1 Replies

Java Can Store Procedures As Java .Net Interop

Jul 5, 2010

I'm looking for a way to access a Java API from both a Java console application and an ASP.Net application.In short my Java API exposes a series of methods for dealing with invoices. All of these methods are essentially commands e.g.

GenerateAllInvocies
GenerateInvoiceNumber
PrintAllInvoices
PrintInvoiceNumber

All methods will interact with the database. I had believed Web Services was going to be my means for interop. But I have since been made aware of Java Stored Procedures in Oracle.

View 1 Replies

Way To Call Java From A Java Console App

Jul 1, 2010

I got asked to write a java application for my company. I'm a seasoned .Net developer so this is all new ground to me.My task is to produce an invoicing application that has several high level tasks such as:Build single invoiceBuild all invoicesMy company want to be able to call these tasks from a java console application - passing in relevant commands and parameters to invoke the tasks. They also want to be able to invoke the same code from an ASP.NET application.

View 2 Replies

Switching From VB.net, .net To Java?

Aug 22, 2010

I am programmer analyst working mainly in Asp.net for more than 3 yrs. I always wondered why employers are ready to pay more dollars for the same skill a person have in dotnet. I also see more BPM technologies are based on Java. Like Pega, Tibco etc. I have learned java in my college 4-5 years back.

View 3 Replies

Way To Call A Function In .cs By Using Java

Jun 30, 2010

have, I am using JAVA's confirm function on one of the button in my aspx page, and base on the response, I would like to call a function with in the cs file.

<asp:Button ID="myButton" runat="server" Text="Click Me" OnClientClick="ShowTextBoxContent();"/>
<script type="text/javascript"> .....

View 1 Replies

Translating Code From Java To C#

Nov 11, 2010

I want to test this code found here. It allows me to auto-load content from server as the user scrolls down the scroll down. I am having difficulties trying to convert code to C#/ASP.NET. Primarily, I want this code to be translated to C#/ASP.NET:

package com.vraa.demo;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class InfinitContentServlet extends HttpServlet {
private static Integer counter = 1;
protected void processRequest(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
PrintWriter out = response.getWriter();
try {
String resp = "";
for (int i = 1; i <= 10; i++) {
resp += "<p><span>"
+ counter++
+ "</span> This is the dynamic content served freshly from server</p>";
}
out.write(resp);
} finally {
out.close();
}
}
@Override
protected void doGet(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
processRequest(request, response);
}
@Override
protected void doPost(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
processRequest(request, response);
}
}

In addition, I would like to know if I have to make any changes to this JavaScript code:

<script type="text/javascript">
$(document).ready(function(){
$contentLoadTriggered = false;
$("#content-box").scroll(function(){
if($("#content-box").scrollTop() >= ($("#content-wrapper").height() - $("#content-box").height()) && $contentLoadTriggered == false)
{
$contentLoadTriggered = true;
$.get("infinitContentServlet", function(data){
$("#content-wrapper").append(data);
$contentLoadTriggered = false;
});
}
});
});
</script>

View 1 Replies

Use Forms Authentication From Java

Jan 26, 2011

We currently have a simple portal kind of functionality built based on ASP.NET Forms-based authentication. All the existing apps that make use of this authentication mechanism are ASP.NET based (and run on the same domain). So, all works fine. We have a new requirement to get some new Java-based web applications make use of the same authentication as well. All our apps are accessible over HTTPS.

View 1 Replies

Java - How To Select Best Technology

Oct 19, 2010

Recently we got a project which can be developed either in J2EE or Asp.Net (no restriction from client). Client is asking to give best solution to maintain the project in long run.

Here I don't want to discuss about "Java vs .NET" but need to know which one is preferable to reduce maintenance cost. If I choose any of these technologies, which one will require less development and maintenance cost. Also consider recruiting people like developers, server administrators and software purchase and etc.

If I go to Java, I can choose any Operation System, Web Server, Application Server and database. But for a kind of enterprise applications will there be any low cost when compared to MS technologies?

Simply putting, assume I need to have 100 web servers, 30 database servers. Which one will require less investment?

View 1 Replies

Java - Windows Vs Web Client?

Nov 25, 2010

i have a discussion going on in the organisation where i am employed as a consultant. The discussion revolves around the replacement of a application built using VB6(MDI) thick client. This application has around 100 screen + 40 reports. Used by approx 400 users the reports and the data are pulled using inline queries while the db structure is pretty normalized . the rest of the code is pretty bad. While discussing replenishment strategies we are throwing around a few ideas.

J2EE Web application running on Web sphere using Crystal reports for Reports. ASP.NET web forms web application using crystal reports for reports. Windows Client application (WPF/Win-forms) with reporting services for the reports.

While i don't want to start a flame war(Dot net vs Java or WEb vs Desktop) it would be nice to know the community thoughts on the matter. Just to be upfront i feel that option 3 maybe the best version. ut i would like to know the opinions of others.

View 6 Replies

Using Java .jar Package In Asp 4.0 Application?

Jan 13, 2011

I have a jar file exporting some functions which i want to use in my asp.net application. How can i achieve this? Will anything change if i use it in an windows azure application?

View 1 Replies

WCF / ASMX :: Integration With Java?

Feb 17, 2011

Please help me how to use WCF Service in Java application.

View 3 Replies

C# - Java Script Cannot Access .net Var?

Dec 2, 2010

I have this c# user control class:

public partial class UserControls_JsTop : System.Web.UI.UserControl
{
public static string sidebarBannerUrl = getSideBarBannerImgUrl();

[code]....

I try to acces the static var in a js script:

load it here:

<script type="text/javascript">
var categoryParam = '<%# CQueryStringParameters.CATEGORY %>';
var subcategory1Param = '<%# CQueryStringParameters.SUBCATEGORY1_ID %>';[code]....

I do not understand why it is empty. there is a record in DB with that condition.I think there is some js problem when loading the var...

View 1 Replies

Form Validation In Java Script?

Feb 9, 2011

I have two fields in a form that a user can only put either 0 and 1. Both cannot have same value. if first amount is 0, the second amount must be 1. and someone show me how to write a validation in Javascript that I can call it from JS.file At the same time, I want to be able to create the same validation when the form is generated dynamically. so the Javascrip validation has to be created from code behind once the input form is created. If you have any link in the site that can show me lots of this kind of example, I want to learn this stuff.

txtAmount1.Text =0
txtAmount2.Text =1

View 2 Replies

VS 2010 Is It Possible To Launch A VB Sub From Java Script

Nov 9, 2010

Is it possible to launch a VB sub from Java Script? I have tried a couple of options inclusive of:

Code:

[code]....

The above generates an error: "Microsoft JScript runtime error: Object doesn't support this property or method". On the VB side I have a protected sub named ViewDetail which validates the selected record and the displays all detail related to the record in a new page/window.

Code:

[code]....

The above generates no error, but doesn't redirect to the new page/window either. The Page_Load event performs the record validation and subsequently loads the record's detail.

I am using an obout Grid's double click event (a java script at initiated at the client side) to record the value of the selected row and now want to open a page (performed at the server side) reflecting the detail of the relevant record.

View 8 Replies

Transferring XML File To Java Application?

Feb 18, 2010

I am getting patient detail and stored that details in the form of XML (.xml) file.

As soon as XML file is created then I need to transfer that file to Java application automatically. (From one server it need to Transfer to another)

Note : I am using ASP.NET (.Net FW 3.5)

How to do it?

View 3 Replies

What's The Java Equivalent To Http Modules

Jan 17, 2010

I'm considering rewriting a small Http Module i made in ASP.NET in Java. Based on a specific URL, the Http Module inserts some HTML on an empty HTML layout, do some basic reformatting, and finally returns the rendered HTML. Being new to Java web development, what is the equivalent to ASP.NET Http Modules?

View 2 Replies

What's Freenode Irc Channels For Java - J2EE - C# And SOA

Oct 7, 2010

What are the Freenode irc channels for Java, J2EE, C#, asp.net and SOA?

View 1 Replies

C# - Shared MySQL Database For Java

Oct 27, 2010

I recently developed a Java Application for a client with MySQL database. Now he wants to have ASP.NET website connected with the Java Application. I'm thinking of placing the database on a local server which would support both the desktop application and the website. What i want to know is, is it the good way to handle these kind of scenario or is there any standard method?

View 1 Replies

Using A Java Applet In A SharePoint Web Part

Dec 3, 2010

I have a need to integrate a third-party Java applet into a custom web part I wrote for SharePoint 2007. The web part simply loads a user control I created that contains the bulk of the functionality, and that's where the applet will go. I added it to my user control project and it works fine outside of my SharePoint environment.

I installed the updated web part onto my MOSS 2007 development site and the part's page loads fine. The applet is triggered by clicking a link button on the page, which runs some client-side JavaScript to start it. The problem is nothing seems to happen when I click the link. No error messages appear, and the stuff the applet is supposed to do never occurs (it's for doing file transfers via FTP). I have the .jar file as an embedded resource in my user control DLL, which is deployed to the bin folder, and SharePoint fully trusts this DLL.

I used Firebug to step through the initialization code and I saw an HTTP GET that failed with a message about not being authorized, but it didn't give any details and I'm not positive it was related to the applet. Is there anything special I need to do to make the applet work? Or am I going about this the wrong way?

EDIT: The problem turned out to be the .jar file for the applet couldn't be found. SharePoint is clearly doing something different here, and I need to find out what. Can Java applets be used within a SharePoint site? This question suggests they can, but in that case a Page Viewer web part was used, which isn't going to really work for me.

View 2 Replies

Encoding Base64 In Java And Decoding In C#

Aug 4, 2010

I have to send a file to my webservice, but the webservice assumes the file (byte Array) as a base64Binary.

Before the encoding, the byteArrayFile is saved on disk as a regular File. (I'm doing it just for testing)

So, in my Java client for webservice, I'm sending the information this way:

String file = new sun.misc.BASE64Encoder().encode(byteArrayFile);
port.sendFileToWebService(file);


The webservice have to decode the information and save the received file on disk.

[code]....

View 3 Replies







Copyrights 2005-15 www.BigResource.com, All rights reserved