Graham Coles said the following on Tue, May 01, 2001 at 06:32:15PM +0100, > Someone recently asked me about this - are there any URLs > or text files that provide a routine checklist of things to be > avoided when writing web pages using asp (ie not hardcoding > passwords etc)? I have written a small piece on the subject of input validation at http://heap.nologin.net/aspsec.html when I was unable to find anything similar that examines the subject from an asp perspective to point developers to (perhaps someone else on the list has had better luck?). Most of the content here is based on poor practices I've seen when I worked as an asp developer, and in my current job while reviewing code. Any comments/suggestions for improvements etc. are most welcome. HTH. -- Jerry Connolly Computer Incident Response Team jerry.connollyat_private Eircom Multimedia
This archive was generated by hypermail 2b30 : Thu May 03 2001 - 15:16:11 PDT