Microsoft released a new article (887459), " Programmatically check for canonicalization issues with ASP.NET ," that recommends program code adjusts for applications that use ASP.NET. The changes will help strengthen overall security since intruders might be able to gain access to files they should not be able to access. In particular the article offers code samples that can be used to modify your own applications to filter URLs that contain unexpected characters due to a flaw in ASP.NET's canonicalization routines.
0 comments
Hide comments