C# - Secure Comunication Between A Web Page And The Server?
Jun 1, 2010
I'm wondering if theres already a combo let say jQuery - Some C# DLL to proive a secure both way communication between ASPX forms with jQuery and a control layer based on ashx files with C# classes...[From comment below]Well I see I have to be more specific. The are things like sniffers on simple network analysis tools even like Firebug that let you see the data transfered via POST or GET. The idea to secure a Server Client application is to ensure that data isn't corrupt and compromised, and to achive that you have to make imposible to an atacker to report false info so the best is to have improved some cryptographyc algorithms both on client and server to crypt decrypt encode decode data...
View 2 Replies
Similar Messages:
Oct 25, 2010
I have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content. I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i should allow to opne secure and non secure or just secure. Firefox has no issues . It shows correct https without any problem. I am fed up with it searching all over. Why is this happenening for me in Chrome and IE 8.
View 3 Replies
Oct 24, 2010
I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
View 3 Replies
May 28, 2010
I am developing a web application in which the clients wants to send a pdf copy of aa Authenticated Page to users and as well as to the administrator..
As I google about this problem but didnt find any solution.
Because in all cases I have to pass the url of the secure page to the function...and in runtime when function make a webrequest to the page it will always generate the PDFof the login page.
So is there any way to generate the PDF of a secure page in C# ASP.Net
View 1 Replies
Sep 17, 2010
I'm working on a legacy web application - frames and a mixture of html, asp and aspx. The entire site is https. For some strange reason when I hit a specific page I get the magic message that says the Page contains both secure and nonsecure items. (IE obviously doesn't want to tell me what those resources are) I have checked the page that's being loaded and there are absolutely no http://... links - everything is relative links.
I have fired up fiddler and checked what's being requested - everything looks fine. I am completely at wit's end here. I have absolutely no idea why I'm getting this message, but it's completely screwing with the site.
View 3 Replies
Jul 13, 2010
My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).
My plan for authentication is for there to be a look-up table in the database. If the username is already there, automatically login the user, but if there is no entry in the database, redirect the user to an initial login page which will be used to create that database entry.
My question is how to secure this against MITM and other security holes. How can the request generated through the thick client be on an SSL connection? Doesn't an SSL connection have to be authenticated with the username (and password) first? And if so, will the additional context information be publicly exposed until the user is logged in?
View 1 Replies
May 14, 2010
If I have users upload images to my web server, and they are simply stored in a folder, how secure are they? This of course is assuming that IIS is configured not to serve image files directly from a browser request, or mods are made in the web.config file to prevent direct access, etc, ex:[URL]
View 5 Replies
Mar 16, 2010
I get this error on line 39 -"Server does not support secure connections.".
[Code]....
View 5 Replies
Apr 8, 2010
I'm trying to add some share this javascript in between the head tags of an asp.net page but only if the page is not secure (!Request.IsSecureConnection). How do I get the code in the head tags to check for secure connection and then write the javascript if not secure. I've tried using <% %> blocks and RegisterStartupScriptBlock and it's not working UPDATE: Was able to get it to work using this in the Page_Load
if(!Request.IsSecureConnection)
{
HtmlGenericControl Include = new HtmlGenericControl("script");
Include.Attributes.Add("type", "text/javascript");
Include.Attributes.Add("src", "http....");
this.Page.Header.Controls.Add(Include);
}
View 2 Replies
Apr 23, 2010
How do I go about securing files that are stored on the server? We have an ASP.NET app which generates PDFs. These are not stored in the wwwroot folder but in another folder i.e. C:inetpubdata. This provides more security but maybe not enough. The ASP.NET/IIS process will need write access to this folder so it generate the PDFs there.
Once the pdf is generated, it can be viewed using an ASP.NET form called viewpdf.aspx with the file to be viewed add to the query string like so viewpdf.aspx?FILE=mynewfile.pdf. This is loaded from a gridview.
The full path to C:inetpubdata is resolved and loaded in the Page_load event of the viewer page. Now I'm wondering how to secure this. Anybody could just view the file. Not by entering in the URL, as it won't been seen by IIS (its not in wwwroot), but could change the querystring in the viewpdf page.
How do I stop anybody hacking this?
View 3 Replies
Jul 20, 2010
I have a graphical user interface for my company product.I want to secure the data being sent back and forth between client and server.
Is SSL one of the options? some1 tell me the steps on how to implement it in my application code.
Do i need to buy the certificate or can i make it.. which is the best choice?
I am logging in using FormsAuthenticationTicket as follows:
Session["userName"] = UserName.Text;
Session["password"] = Password.Text;
Session["domain"] = Domain.Text; [code]....
View 3 Replies
Aug 10, 2010
I have a GUI when i log in i create a cookie and it encrypt it. I am usin SSL.
I check in the Login.aspx page if the cookie is secure, which it is. but then before going to the default page it goes to the Global.ascx page.
Here in the Application_AuthenticateRequest it gets the cookie and decrypts it for the default page..
Now i know that it is getting the same cookie as all the other attributes match the one that was created in the Login.aspx page excet that the secure value is "False".
this is the case for all other pages after default. the value of the cookie.secure is false.
why is this happening as i want all the pages to be secure by SSL.
Also the pages are opening as https not http.
here is my web.config
[code]....
View 1 Replies
Jan 18, 2010
After logging to the mvc site using a secure connection (https), calling actions using https connection show up with the user logged in but calling actions using http it bahaves as if user didn't log on. Since I need to use a virtual directory for https connections(and can't use that directory for http connection) Https links start with: [URL]
View 1 Replies
Aug 13, 2010
i have a single page that needs to be secure (https) , my problem is i dont know how to do it. Can you give me walkthrough on how to do this?
View 1 Replies
May 24, 2010
As I'm working on a project for a customer (and catching up to speed on the asp.net web development since I last embarked on it), I have a particular request that I want to make sure is not going to cause undesirable effects.
The customer is putting a URL on a printed sheet. He wants it to be [URL]. He doesn't want to add http:// or https:// because he wants to make it as short and pain free to type in as possible. Very reasonable goal.
The key is, I need to make sure that whatever they type in, they get to the secure page of the site (so [URL] would need to become [URL]
I know that I can write an HttpHandler to look and see if it's an https request, and if not, redirect them to the secure version. However, are there any pitfalls with this approach that I need to be aware of. Will some browsers pop up any nasty dialogs or such?
View 4 Replies
Jan 6, 2011
What is the best way to pass and 2 IDs from one page to another, in a very secure way?
View 6 Replies
Jan 24, 2010
i have asp.net 2.0 web site and in the main root i have some secure pages so if any unauthenticated user try to visit my page the browser redirect him to login.asp page (it was correct) but in my web i have subfolder named (Admin) and i want to secure all pages under this folder and redirect any user to new login page. how can i do it?
View 7 Replies
Jul 20, 2010
I am rather new to asp.net but I have built a couple of apps that do not require users to login. am having some problems moving my secure .net application from my laptop to a production server, however, and I am hoping someone can help me. On my laptop my application's user authentication functions as it should, but when I move my application to a webserver I get an assortment of errors. Forgive me if these questions are a little basic. My first question is this. In a production environment do I move the ASPNETDB.MDF file in the App_Data folder to my SQL server? Is it OK to rename it to something more descriptive?
View 4 Replies
Oct 28, 2010
Currently I am facing a problem to communicate with a server that enable ssl...
normally we are using TCPClient to send and receive data from server, but now the server that I trying to connect to, need SSL and certificate..
I was trying to search at google and most of the solutions i got it is use SSLStream and X509Certificates. and I have another question, Am I need to create Client and Listener in order to communicate with that server? Because I had reviewed all the sample and they didn't attach the private key when send request to server.
View 1 Replies
Feb 9, 2011
I would like to create a secure login page for a pre-defined set of users (so no creating username/passwords by the users themselves). I've looked up a few sites and they all seem to using Microsoft's Membership or something. I am not very sure as to why that's used, but all you need to know is that I will be creating the login details. I just need to make the login secure, ie, no duplicate logins, no logins from different browsers and cookies and sessions and encryption and all that.
View 2 Replies
Apr 4, 2011
I would like to create a secure login page for a pre-defined set of users (so no creating username/passwords by the users themselves). I've looked up a few sites and they all seem to suggest using Microsoft's Membership or something. I am not very sure as to why that's used, but all you need to know is that I will be creating the login details. I just need to make the login secure, ie, no duplicate logins, no logins from different browsers and cookies and sessions and encryption and all that. Any one have the code/links to where I can get all this?
View 1 Replies
Nov 9, 2010
I'm using paypal to make payments for an online digital download purchase. Once the payment is accepted the person is redirected to a page where they can download the product. I need to know how do I make a page that can only be accessed once via redirect.
View 1 Replies
May 28, 2010
How can I force page to use secure connection "https". Client might call the page using insecure connection. I want the page to to check connection, if insecure connection "http" is being used, reload the page with secure "https" connection
View 8 Replies
Mar 9, 2010
I am interested in learning how to set up a secure report server with which I can publish individualized reports to my constituents. I know that banks and brokerage firms can do this, but I am not sure how it is done. I want to publish documents for an academic institution (grades, bills, transcripts, etc). I know some ASP.net and I am pretty fleuent in Crystal Reports. I am considering using a product like pdf-explode to disseminate reports via email, but I would really like to learn how to set up a secure site for my constituents and have them view the reports there.
View 1 Replies
May 7, 2015
I have written the above code and im getting an error as below-System.Net.Mail.SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. Learn more at at
System.Net.Mail.MailCommand.CheckResponse(SmtpStatusCode statusCode, String response) at System.Net.Mail.MailCommand.Send(SmtpConnection conn, Byte[] command, MailAddress from, Boolean allowUnicode) at System.Net.Mail.SmtpTransport.SendMail(MailAddress sender, MailAddressCollection recipients, String deliveryNotify, Boolean allowUnicode, SmtpFailedRecipientException& exception) at System.Net.Mail.SmtpClient.Send(MailMessage message) at smtptest._Default.btnSend_Click(Object sender, EventArgs e) in c:usersadministratordocumentsvisual studio 2010ProjectssmtptestsmtptestDefault.aspx.cs:line 71
Its working on local but when im hosting my application im getting above error
using (MailMessage mm = new MailMessage("myid@gmail.com","reciverid@yahoo.com"))
{
mm.Subject = "test";
mm.Body = "email testing";
mm.IsBodyHtml = false;
SmtpClient smtp = new SmtpClient();
[code]....
View 1 Replies
