You should validate all input to your ASP.NET application for type, length, format, and range of the input. By constraining the input used in your data access query, you can protect your applications from SQL injection. Start by constraining inputs in the server-side code for your ASP.NET Web pages. Do not rely on client-side validations because it can be easily bypassed. Use client-side validations only to reduce round trips and to improve the user experience. If in the previous code example, the SSN value is captured by an ASP.NET TextBox control, you can constrain its input by using a
The post How to prevent SQL injection attack in ASP.NET appeared first on Coding Security.
How to prevent SQL injection attack in ASP.NET
read more
Tidak ada komentar:
Posting Komentar