1. Back To Blog

ASP.NET MVC security Interview questions

What is XSS ?

 

XSS (Cross site scripting) is a security attack where the attacker injects malicious code while doing data entry. This code can be a javascript , vbscript or any other scripting code. Once the code is injected in end user's browser. This code can run and gain access to cookies, sessions, local files and so on.

 

For instance below is a simple product data entry form. You can see in the product description how the attacker has injected a javascript code.

 

 

Once we click submit you can see the JavaScript code actually running.

 

 

 How can we prevent the same in MVC ?

 

In MVC by default XSS attack is validated. So if any one tries to post javascript or HTML code he lands with the below error.

 

 

Download our 100 ASP.NET MVC interview question PDF from


http://www.codeproject.com/Articles/556995/ASP-NET-MVC-interview-questions-with-answers

Shiv Prasad Koirala

Visit us @ www.questpond.com or call us at 022-66752917... read more

.NET interview questions 6th edition (Sixth edition) - By Shivprasad Koirala

C# Design pattern interview questions with answers: - How Singleton is different from Static class?

Exception Handling in C# using example step by step

MVC vs ASP.NET ( MVC Interview question with answers )?

What is the difference between each version of MVC 2, 3, 4, 5 and 6? (MVC Interview Questions)

What is the difference between Stored Procedures and Function (SQL Server interview question with answers)?

We are on Social

DotNetInterviewQuestions