Security Audit Issue [For Asp.Net WebForms] : Source code disclosed

After the security audit of Asp.Net Application I have received a error report and one error is as Source Code Disclosed.
Security Audit Issue [For Asp.Net WebForms] : Source code disclosed

How Should I resolve this issue by preventing any person to view code?

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

This is javascript code, which is really common to be exposed/disclosed (*) simply because it is intended to be downloaded to the browser where it then runs. To label this a risk might seem abundant, although there could be some risk depending on what it is that you put in it.

The question is mainly: could this code be exploited, or could it be altered into something that is dangerous?

The answer is to not put secrets in it, and also to never rely on client-side-only logic and validation. Always have a server side equivalent that enforces whatever rules need to be enforced, and use SSL/https so the connection is secure, and then you should be good.


(*) just hit F12, go to tab Sources or Debugger, and you’ll see it here as well


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x