XSS Attacks in ASP.NET Core
Вставка
- Опубліковано 11 кві 2023
- Cross Site Scripting or XSS is an attack where the attack is capable of executing javascript remotely via your app. How can these attacks happen in an ASP.NET Core C# application? Reflective - via query, Stored - via database, DOM-based - modified dom via query.
Patreon 🤝 / raw_coding
Courses 📚 learning.raw-coding.dev
Shop 🛒 shop.raw-coding.dev
Discord 💬 / discord
Twitter 📣 / anton_t0shik
Twitch 🎥 / raw_coding
SignalR • ASP.NET Core SignalR T...
#aspnetcore #csharp #dotnet
Nice explanation. Thanks for the video, stay inspired!
Really appreciate the videos that you make. Security is always an afterthought at companies, especially application-level security, so it's hard to find people who share their views and get a different approach to certain problems. Thank you for the effort that you put into this!
Great video, really helpfui!
Oh man! You are in the game! I have to learn about all those kind of attacks. Do you have nore videos about them? If not, please do more videos about them (SQL injection for example, etc, etc).
Thanks your for this video.
got a CSRF one ua-cam.com/video/9OU_SsOb2SE/v-deo.html
@@RawCoding Thank you so much man!
hi, will putting annotations on my api functions help?
watch out for that sun injection
Windows has shit security against the sun (they say it's a feature). need to purchase the blinds system, though that needs a wall adapter, pita
@@RawCodingjust use come shit and sticks (cardboard and tape)
who updates anything with a GET? would that still be a thing with a POST?
Nobody should, I update with get because I can do it via url instead of typing out a fetch in the console or having more ui
post and get really only differ by the verb. the http request structure is the same, and it goes like this:
HTTP/version VERB address
Headers: Values
Body
as you can see, the request is really generic, and get and post really only differ in the first line. and maybe something else will be different, but generally speaking get and post requests are really similar. the verb merely indicates the intention (getting or adding or patching-editing or deleting etc).
One of the best UA-camrs with content focused on high-quality coding and pitfalls.
However, cannot do anything against the Sun shining on a monitor.
Does anyone know of a UA-cam channel dedicated to high-quality blocking of the sun?