Active X Control Security Questions
Posted on 2005-03-23
I have been building my first web based application in vb.net.
It uses the standard HTML controls in addition to:
the Infragistics Grid and Tabbed Folder control.
All has been going great but my largest client has a consultant that has recently raised a security issue regarding active X controls and that they are pose a security risk to the web site. That is all he said know specifics. While the application is extensive it is my first and I have 0 experience in the security area of web controls so I can respond with confidence. Am I really at risk, I really don't know.
To be honest after doing this for 20 years I feel pretty stupid right now. Can someone help me rebuff this, I really don't know how to respond. I have not focused on the security of the controls but rather the content and functional capability of the web site. It may be niave but things have been working and at some point I begin to trust that the tools I am using are built by people with far more experience and knowlege in those areas believe they have covered their butts and inturn mine. After all when I buy I hammer from Sears I am not concerned it will explode when I hit the first nail if you know what I mean.
Any help or guidence on this would be greatly appreciated.