Share via

Explained – Canonicalization


Patterns and Practices home

ASP.NET 2.0 Security Videos

J.D. Meier, Keith Brown, Prashant Bansode
Microsoft Corporation

November 2007

This video module shows you how to avoid input and data validation security issues related to path validation.


  • Use Access Control Lists (ACLs) and impersonation to control access to resources, instead of pathname comparisons
  • Use MapPath to restrict physical file paths to the current virtual directory.


The video is a small wmv file streaming / download: