Sure - ASP.NET includes several validation controls to ease the process
of validating input. These include:
  a.. RequiredFieldValidator
  b.. CompareValidator
  c.. RangeValidator
  d.. RegularExpressionValidator
  e.. CustomValidator
  f.. ValidationSummary
Of course, any of the above can be inherited from and thus extended if
not a perfect fit for your application. As a bonus, when using a
browser with DHTML support (IE and Netscape 4+), the controls
automatically generate client-side valdiation code (but STILL do the
server-side validation as well so if they bypass the Javascript you're
still Ok). I have saved myself untold hours making use of these
controls to validate input. If you use Visual Studio.NET you get the
ability to drag and drop validation controls right onto the page making
the job ultra-simple. Lazy developers are running out of excuses not to
do input validation.

For more info see:

http://samples.gotdotnet.com/quickstart/aspplus/default.aspx?url=3D/quicksta
rt/aspplus/doc/webvalidation.aspx

Chip

----- Original Message -----
From: Dave Aitel
To: Chip Andrews
Cc: James Fleming ; webappsecsecurityfocus.com
Sent: Saturday, January 12, 2002 10:39 AM
Subject: Re: Preventing Buffer Overflows in Web Apps

Chip Andrews wrote:
James,
*Developers can sometimes get lazy since validation is a fairly laborious
task. (ASP.NET has done much to improve this)
Chip
>
Can you give a few examples?
-dave

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]