Last post Apr 06, 2017 02:27 PM by Uday Mahajan
Apr 06, 2017 02:27 PM|Uday Mahajan|LINK
I am working on ASP.NET ,AZURE.
We have deployed our website on AZURE Web App and run the OWASP tool to check for security issues.
It gives the exception on Anti CSRF Tokens Scanner and Source Code Disclosure - File Inclusion
1 ) Anti CSRF Token - We have used ValidateAntiFurgeryToken with HTTPPOST, but using this also OWASP gives the exception.
2) Source Code Disclosure - File Inclusion - gives exception as
The source code for the current page was disclosed by the web server on
Parameter : __ID__
Attack : ../
Here We dont know how that attack happens in Fonts ?
Please suggest how to resolve Anti CSRF Tokens Scanner and Source Code Disclosure - File Inclusion.