Re: guidelines for secure ASP pages

From: Jerry Connolly (jerry.connollyat_private)
Date: Tue May 01 2001 - 11:20:34 PDT

  • Next message: Adam Berent: "Unix/Windows bit arrangments"

    Graham Coles said the following on Tue, May 01, 2001 at 06:32:15PM +0100,
    > Someone recently asked me about this - are there any URLs
    > or text files that provide a routine checklist of things to be
    > avoided when writing web pages using asp (ie not hardcoding
    > passwords etc)?
    
    I have written a small piece on the subject of input validation at
    http://heap.nologin.net/aspsec.html when I was unable to find anything
    similar that examines the subject from an asp perspective to point
    developers to (perhaps someone else on the list has had better luck?).
    
    Most of the content here is based on poor practices I've seen when I worked
    as an asp developer, and in my current job while reviewing code.  Any
    comments/suggestions for improvements etc.  are most welcome.
    
    HTH.
    
    --
    Jerry Connolly                  Computer Incident Response Team
    jerry.connollyat_private       Eircom Multimedia
    



    This archive was generated by hypermail 2b30 : Thu May 03 2001 - 15:16:11 PDT