Submission + - String Validation Routines in .NET Exposed (anachronic.com)
ubiquitin writes: Web application security researcher Arian Evans has posted previously unrelease details of Microsoft's .NET 1.1 string validation routines. This includes anti cross site scripting request validation routines as well as a more generic ValidateString method. Such disclosure is expedient for all appsec researchers wishing to find holes in .NET applications.