Introduction
This article describes how to add additional precautions to an ASP.NET application to help prevent common canonicalization issues.
More information
What is canonicalization?
Canonicalization is the process by which the various equivalent forms of a name are resolved to a single standard name, the "canonical" name. For example, on a given computer, C:\dir\test.dat, test.dat, and ..\..\test.dat may all refer to the same file. Canonicalization is the process of mapping such names to a name like C:\dir\test.dat. When a Web server receives a URL, the server maps the request to a file system path that determines the response. The canonicalization routine used to map the request must parse this URL correctly to avoid serving or processing unexpected content. For more information about canonicalization, visit the following Microsoft Web site:
Http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/thcmch04.asp
We recommend that you use best practices to help maintain your app. See the next section for additional information.
Add additional canonicalization precautions to Web applications
Microsoft ASP.NET developers can add more checks to a Web application, and so help reduce canonicalization issues, by adding an Application_BeginRequest event handler to the Global.asax file stored in the root of the Web application. This event handler runs for every Web request, so a programmer can easily insert code into it that helps prevent canonicalization issues.
Code example
The following example shows how to add an Application_BeginRequest event handler to the Global.asax file. The event handler performs path validation that rejects invalid characters and non-canonical formats, which helps prevent common canonicalization issues.
Global.asax code example (Visual Basic .NET)
<script language="vb" runat="server">
Sub Application_BeginRequest(Sender As Object, E As EventArgs)
    ' Reject any request whose URL path contains a backslash (Chr(92)),
    ' or whose physical path is not already in canonical form.
    If (Request.Path.IndexOf(Chr(92)) >= 0 Or _
        System.IO.Path.GetFullPath(Request.PhysicalPath) <> Request.PhysicalPath) Then
        Throw New HttpException(404, "Not Found")
    End If
End Sub
</script>
Global.asax code example (C#)
<script language="C#" runat="server">
void Application_BeginRequest(object source, EventArgs e) {
    // Reject any request whose URL path contains a backslash,
    // or whose physical path is not already in canonical form.
    if (Request.Path.IndexOf('\\') >= 0 ||
        System.IO.Path.GetFullPath(Request.PhysicalPath) != Request.PhysicalPath) {
        throw new HttpException(404, "Not Found");
    }
}
</script>
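The two tests in the handler above are language-independent: reject a URL path that carries a backslash, and reject a request whose mapped file system path changes when it is fully resolved. The following Python script is an added example, not code from the article or from ASP.NET, that applies the same two tests to a batch of constructed request paths so the effect of each can be seen. It uses posixpath (forward-slash semantics) so it behaves the same on any OS, whereas the real handler relies on the Windows semantics of System.IO.Path.GetFullPath; the web root, the physical_path mapping and the third containment check are assumptions for illustration.

```python
import posixpath

# Constructed sample web root; on a real server this is the
# application's physical root directory.
WEB_ROOT = "/srv/www/app"


def physical_path(web_root, request_path):
    """Map a URL path to a file system path the naive way a server does:
    append the path to the web root without normalizing anything.
    This stands in for Request.PhysicalPath before any check is applied
    (assumed mapping, for illustration only)."""
    return web_root.rstrip("/") + "/" + request_path.lstrip("/")


def check_request(web_root, request_path):
    """Decide whether a request path should be served.

    Returns (allowed, reason). The first two checks mirror the two tests in
    the Application_BeginRequest handler; the third is an added
    defense-in-depth check that the resolved path stays under the web root.
    """
    # 1. Backslash in the URL path (the IndexOf(Chr(92)) test). A backslash
    #    is a second path separator on Windows and has no place in a URL
    #    path the application expects to be slash-separated.
    if "\\" in request_path:
        return False, "backslash in path"

    # 2. Physical path differs from its canonical form (the
    #    GetFullPath(...) != PhysicalPath test). Anything that normalization
    #    changes (dot segments, doubled separators) was not canonical.
    phys = physical_path(web_root, request_path)
    canonical = posixpath.normpath(phys)
    if canonical != phys:
        return False, "path is not canonical"

    # 3. Containment (assumption, not in the original handler): even a
    #    canonical path must stay inside the web root. With the mapping
    #    above this cannot fail once check 2 passes, but it is cheap and
    #    protects against a different mapping step later.
    root = posixpath.normpath(web_root)
    if canonical != root and not canonical.startswith(root + "/"):
        return False, "path escapes web root"

    return True, "ok"


# Constructed sample request paths a handler might see.
SAMPLE_REQUESTS = [
    "/dir/test.dat",          # canonical, served
    "/dir/../../test.dat",    # dot-dot segments, rejected
    "/dir//test.dat",         # doubled separator, rejected
    "/./dir/test.dat",        # single-dot segment, rejected
    "/dir\\..\\test.dat",     # backslash, rejected
]

if __name__ == "__main__":
    for path in SAMPLE_REQUESTS:
        allowed, reason = check_request(WEB_ROOT, path)
        verdict = "serve" if allowed else "reject (404)"
        print(f"{path!r:26} -> {verdict}: {reason}")
```

Note that, like the original handler, this rejects rather than repairs: a non-canonical request is answered with a not-found error instead of being normalized and served, so a reviewer never has to reason about which normalized form the server actually used.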
The information in this article applies to:
• Microsoft ASP.NET (included with the .NET Framework 1.0)
• Microsoft ASP.NET 1.1
• Microsoft .NET Framework 1.0
• Microsoft .NET Framework 1.0 Service Pack 1
• Microsoft .NET Framework 1.0 Service Pack 2
• Microsoft .NET Framework 1.0 Service Pack 3
• Microsoft .NET Framework 1.1
• Microsoft .NET Framework 1.1 Service Pack 1 (SP1)
Keywords: KBSecurity Kbtshoot KB887459