The first rule of information security says "Never trust the user input". You must always check and sanitize the user input whether you are directing it to an HTML label or textbox. It's always safe to encode HTML characters such as "<", ">" to "&gt;", "&lt;". Again, all these checks must...
Posted to Security (Forum) by dacoolthings on 12-15-2006, 12:00 AM
Filed under: security, Validation, html, Web, XSS, Encoding, Microsoft
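
An added example, not part of the original post: output encoding applied to the two destinations the post mentions, text inside a label and the value of a text box. The function names and the sample input are assumptions made for illustration.

```javascript
// Added example: output-encode untrusted text for two HTML contexts.
// Function names and the sample input are assumptions for illustration.

const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode every character that can change HTML parsing state.
// "&" is included so input such as "&lt;" is shown literally, not as "<".
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Element content, e.g. text rendered inside a <label>.
function renderLabel(forId, text) {
  return `<label for="${encodeHtml(forId)}">${encodeHtml(text)}</label>`;
}

// Attribute value, e.g. the value of a text box. The attribute is always
// quoted; encoding the quote characters keeps input inside the attribute.
function renderTextbox(name, value) {
  return `<input type="text" name="${encodeHtml(name)}" value="${encodeHtml(value)}">`;
}

// Constructed sample input that tries to close the attribute and open a tag.
const sample = `"><script>alert(1)</script>`;

console.log(renderLabel("comment", sample));
console.log(renderTextbox("comment", sample));
```

Encoding happens at output time, per destination, so the stored value stays unmodified and the same input can be rendered safely in both places.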