[Silverlight entry series] security considerations for Silverlight applications security

Source: Internet
Author: User
Tags reflector

After Silverlight is published as a web application, it is easy to decompile the Silverlight application. For example, for Sina finance and economics Silverlight, you can easily download the Silverlight application from the client *. xap file, renamed *. zip and decompile the DLL in it with reflector. Detailed steps include how to view the location of the *. xap file downloaded by the browser, and how to decompile the file...ArticleTeach you how to crack Silverlight step by step. In addition, there is even a reflector plug-in, silverlightbrowser, which can directly input the Silverlight URL for decompilation.

How to protect your Silverlight application?

1. Use the Security Policy in Microsoft's article

2. HTTPS access using SSL

3. After the user logs on successfully, the core xap file is loaded. That is to say, there is an authentication process before the core xap file is downloaded. Or use redirection,After successful logon, the system redirects to The. xap file page in the protected area of the specified site.

4. Put the core business logic on the server-side with the authenticated WCF Service implementation (or any soap-based services, restful services or RIA Services)

5. obfuscation, or use obfuscator 1 or obfuscator 2.

(If you are a Web security expert or Silverlight security expert, you are welcome to provide guidance ). Download Other resources: Silverlight Security White Paper

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.