Explained – Canonicalization
ASP.NET 2.0 Security Videos
J.D. Meier, Keith Brown, Prashant Bansode
Microsoft Corporation
November 2007
This video module shows you how to avoid input and data validation security issues related to path validation.
Objectives
- Use Access Control Lists (ACLs) and impersonation to control access to resources, instead of pathname comparisons.
- Use MapPath to restrict physical file paths to the current virtual directory.
Video
The video is a small WMV file, available for streaming or download:
- Explained – Canonicalization (Length: 8:43 - Size: 7.00 MB)
Recommended Guidance
- Design Guidelines for Secure Web Applications (See "Input Validation" section)
- Architecture and Design Review for Security (See "Input Validation" section)