Overview/Description
Discover how to manage validation and prevent cross-site scripting and cross-site request forgery attacks, as well as how to implement a custom membership provider for ASP.NET MVC web applications.
ASP.NET MVC Web Applications: Implementing Secure Sites
use HTML form encoding to prevent cross-site scripting attacks in an ASP.NET MVC web application
create and apply a salt to a hashed password before storing it in an ASP.NET MVC web application
create and use an SSL client certificate to provide SSL authentication in an ASP.NET MVC web application
encrypt a section of a application configuration file in ASP.NET MVC web application in Visual Studio 2017
implement deferred request validation in an ASP.NET MVC web application
use the AllowHtml attribute to disable request validation for a model property in an ASP.NET MVC web application
use the ValidateInput attribute to disable validation for an MVC controller action in an ASP.NET MVC web application
use parameterized SQL queries to prevent SQL injection attacks in an ASP.NET MVC web application
use an anti-forgery token along with the ValidateAntiForgeryTokenAttribute to protect against cross-site request forgery attacks in an ASP.NET MVC web application
set up a model class for a custom membership provider in an ASP.NET MVC web application in Visual Studio 2017
configure a custom membership provider in an ASP.NET MVC web application in Visual Studio 2017
test the operation of a custom membership provider in an ASP.NET MVC web application in Visual Studio 2017
secure communication by applying SSL certificates; salt and hash passwords for storage