Security Considerations
DevExpress .NET controls include mechanisms designed to reduce security-related risks. Use the following features to improve the overall security posture of your DevExpress-powered ASP.NET Web Forms app:
- HTML Encoding
- Safe Deserialization
- Content Security Policy
- Callback State Encryption
- View State Encryption
- Validate User Input
- Secure File Upload
- Prevent Cross-Site Request Forgery Attacks (CSRF)
- Prevent Against CSV Injection Attacks
- Prevent Exposure of Sensitive Information
- Suppress Control Requests to Download Data from External URLs
- Suppress New Processes Initiated by .NET Controls
General Information
The following topic addresses a series of frequently asked security-related questions and includes links to Best Practice articles for various development platforms and products.
Security - What You Need to Know