Asp.netÏîÄ¿¿ª·¢Ö¸ÄÏ05

1¡¢¾ø¶Ô·¾¶Á¬½Ó×Ö·û´®
Provider=Microsoft.Jet.OLEDB.4.0;Data Source=c:\somepath\myDb.mdb
2¡¢Ïà¶Ô·¾¶Á¬½Ó×Ö·û´®
"Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("/date/fghsdf.mdb")
¿ÉÒÔÓãº
web.config:
<appSettings>
 <add key="ConnectString" value="Provider=Mic ......

Ajax¿ª·¢ÈËÔ±ÐèÒªµÄJavaScript֪ʶ
  JavaScriptµ®ÉúÓÚ1995 Ä꣬×î×³ÉÔÚNetsCape Navigatorä¯ÀÀÆ÷ÖС£Microsoft ÔÚIE3Öм¯³É¡£1998Äê±»±ê×¼»¯ÎªECMAScript.
  Microsoft Ajax Library¸ÄÉÆÁËJavaScriptµÄÃæÏò¶ÔÏóÄ£ÐÍ¡£
3.1ʹÓöÔÏó
   JavaScriptÖеĶÔÏó²¢²»ÊÇÀàÐ͵ÄʵÀý£¬ÒòΪJavaScript²»Ö§³ ......

 UrlScanµÄ3.1ÊÇÒ»¸ö°²È«µÄ¹¤¾ß£¬ÏÞÖÆÁËIISµÄHTTPÇëÇ󽫴¦ÀíÀàÐÍ¡£ ͨ¹ý×èÖ¹Ìض¨µÄHTTPÇëÇó£¬ÔÚURLScan 3.1°²È«¹¤¾ßÓÐÖúÓÚ·ÀÖ¹¶Ô·þÎñÆ÷Ó¦ÓóÌÐò¿ÉÄÜÓꦵÄÇëÇó¡£  UrlScanµÄ3.1ÊÇURLScan 2.5µÄ¸üа汾¡£Ö§³ÖIIS 5.1ÖУ¬IIS 6.0ºÍIIS 7.0ÔÚWindows VistaºÍWindows Server 2008¡£ÏÂÔصØÖ·http://download.csdn.net ......

Trustwave's SpiderLabs Security Advisory TWSL2010-001:
Multiplatform View State Tampering Vulnerabilities
Published: 2010-02-08 Version: 1.1
SpiderLabs has documented view state tampering
vulnerabilities in three products from separate vendors.
View states are used by some web application frame ......

 
ÔÚʹÓÃasp.net±àдwebserviceʱ£¬Ä¬ÈÏÇé¿öÏÂÊDz»Ö§³ÖsessionµÄ£¬µ«ÎÒÃÇ¿ÉÒÔ°ÑWebMethodµÄEnableSessionÑ¡ÏîÉèΪtrueÀ´ÏÔʽµÄ´ò¿ªËü£¬Çë¿´ÒÔÏÂÀý×Ó£º
1 н¨ÍøÕ¾WebSite 
2 н¨web·þÎñWebService.asmx£¬Ëü¾ßÓÐÒÔÏÂÁ½¸ö·½·¨£º
 C#-Code:
[WebMethod(EnableSession = true)]
public string Login( ......