Friday February 5th

MVC Routing Security Hole

Stephen Walther's latest MVC tip introduced me to the MVC framework's ability to pass server variables into actions as parameters. Unfortunately using this feature is a very bad idea and could jeopardize the security of your application. Take a look at a code sample you might find surprising.


Commenting on Stories is limited for now and will open up to those recommended by the community. Learn how
Loading DotNetKicks...
brought to you by the Kicks Network