View State


If your applications use view state, make sure it is protected with message authentication codes (MACs) to ensure it is not modified at the client. View state and MAC protection can be enabled or disabled for all applications on the machine using the <pages> element in Machine.config.

<pages>

By default, the enableViewStateMac attribute on the <pages> element in Machine.config ensures that view state is protected with a MAC.

<pages buffer="true" enableSessionState="true"
       enableViewState="true" enableViewStateMac="true"
       autoEventWireup="true" validateRequest="true"/>

If you use view state, make sure that enableViewStateMac is set to true. The <machineKey> element defines the algorithms used to protect view state.
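
The following is an added example, not code from the original text: a Python check that reads a Machine.config-style file and reports every <pages> element that leaves view state enabled while enableViewStateMac is turned off, including <location> overrides. The sample configuration, the LegacyApp path and the function names are constructed for illustration; missing attributes are assumed to default to true.

```python
import xml.etree.ElementTree as ET

# Constructed sample: machine-wide settings plus one <location> override
# (hypothetical application "LegacyApp") that switches the MAC off.
SAMPLE_CONFIG = """\
<configuration>
  <system.web>
    <pages buffer="true" enableSessionState="true"
           enableViewState="true" enableViewStateMac="true"/>
    <machineKey validation="SHA1"/>
  </system.web>
  <location path="LegacyApp">
    <system.web>
      <pages enableViewState="true" enableViewStateMac="false"/>
    </system.web>
  </location>
</configuration>
"""


def _is_true(value, default):
    """Interpret a config boolean; a missing attribute falls back to default."""
    return default if value is None else value.strip().lower() == "true"


def audit_view_state(config_xml):
    """Return one record per <pages> element, flagging view state without a MAC."""
    root = ET.fromstring(config_xml)
    scopes = [("(machine-wide)", root)]
    scopes += [(loc.get("path", ""), loc) for loc in root.iter("location")]
    results = []
    for scope, node in scopes:
        for sysweb in node.findall("system.web"):
            pages = sysweb.find("pages")
            if pages is None:
                continue
            view_state = _is_true(pages.get("enableViewState"), True)
            mac = _is_true(pages.get("enableViewStateMac"), True)
            key = sysweb.find("machineKey")
            results.append({
                "scope": scope, "view_state": view_state, "mac": mac,
                # Algorithm named by <machineKey>, if set at this scope.
                "validation": key.get("validation") if key is not None else None,
                "unprotected": view_state and not mac,
            })
    return results


if __name__ == "__main__":
    print(*audit_view_state(SAMPLE_CONFIG), sep="\n")
```

A record with "unprotected" set to True marks a scope where view state is sent to the client without a MAC.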




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
Year: 2003
Pages: 613
