Archive

Archive for March, 2015

About Nuget

March 30, 2015 Leave a comment

In Visual studio to add any reference in our project we will use ‘Add Reference Dialogue’, but in last few years apart from .net assemblies, we are started incorporate lots of 3rd party libraries(.NET open source libraries) into our projects.If you manually add any .NET open source assemblies some time it takes too much effort to make it work with the project.¬†We can avoid this manual configuration through Nuget Packages available for VS2010 and from VS2012 this feature is comes by default during installation.

Nuget is type of Open source Package management system and it is a huge repository. Using Nuget we can include required assembly in to out application. we can make use of Package Manager Console window in VS to install any external assembly that is available in Nuget.

Advertisements

Security issue in MVC delete using hyperlink

March 13, 2015 Leave a comment

In Stephen Walther post, he mentioned security issue in deleting the record through GET request. In MVC hyperlink will use GET request to delete a record, so any one can able to access the record just by passing the id of record.

Example:-

http://www.kethare.in/employee/delete/1

In the above example we are using GET request to delete the employee record by clicking the corresponding delete hyperlink of the employee. So the value that you are passing is known and any one who knows the delete URL can have possibility of deleting the record which is not advisable.

Stephen Walther provide solution to bypass this issue is using client side scripting (AJAX(or) JQUERY, JavaScript…)

%d bloggers like this: