Security Runtime Engine
There are 2 entries for the tag
Security Runtime Engine
When I started off discussing where I would take the Security Runtime Engine with the Developer Security MVPs Raffaele Rialdi asked if there would be a way to inspect raw requests and responses. Whilst I can’t do requests, as I don’t see them until ASP.NET has parsed them I can do responses, via ASP.NET’s filter mechanisms so, despite him tagging someone else as me on Facebook I started to look at how best to do this and came up with IResponseInspector. The response inspector works slightly differently to the other inspectors – by the time it’s called there is no...
The WPL site on CodePlex now has the May CTP code only release for the Web Protection Library and a Word document introducing the new extensibility points for the Security Runtime Engine. I haven’t released binaries because it’s just a preview, it is in no way ready for production and I want to discourage you even thinking of that. So why did I make the source available? Simple – feedback. This represents a rewrite of the Security Runtime and a new way for you to easily write plug-ins for it. Rather than simply decide what’s best for our users...