Security Considerations
In This Article
DevExpress .NET controls include mechanisms designed to reduce security-related risks. Use the following features to improve the overall security posture of your DevExpress-powered ASP.NET MVC app:
- HTML Encoding
- Safe Deserialization
- Content Security Policy
- Callback State Encryption
- Validate User Input
- Secure File Upload
- Prevent Cross-Site Request Forgery Attacks (CSRF)
- Prevent Exposure of Sensitive Information
- Suppress Control Requests to Download Data from External URLs
- Suppress New Processes Initiated by .NET Controls
#General Information
The following document addresses a series of frequently asked security-related questions and includes links to Best Practice articles for various development platforms and products.
Security - What You Need to Know