Security Considerations

• Oct 15, 2024

DevExpress .NET controls include mechanisms designed to reduce security-related risks. Use the following features to improve the overall security posture of your DevExpress-powered ASP.NET MVC app:

• HTML Encoding
• Safe Deserialization
• Content Security Policy
• Callback State Encryption
• Validate User Input
• Secure File Upload
  • Control Access to Server Files
  • Prevent Disk Space Exhaustion
  • Validate Uploaded Files
• Prevent Cross-Site Request Forgery Attacks (CSRF)
• Prevent Exposure of Sensitive Information
• Suppress Control Requests to Download Data from External URLs
• Suppress New Processes Initiated by .NET Controls

General Information

The following document addresses a series of frequently asked security-related questions and includes links to Best Practice articles for various development platforms and products.

Security - What You Need to Know

See Also

• ASP.NET MVC Extensions – Security Best Practices
• BI Dashboard – Security Considerations
• Reporting – Security Considerations