Assembly Language: Implementation of High level Language Constructs

In High Level Languages such as PASCAL and BASIC, several constructs are available which help to implement programs. You should know how these constructs are implemented in assembly language.The constructs that we will now deal with involve SELECTION and ITERATION. Both types of constructs are implemented using the conditional BRANCH instructions of the processor.

These types of instructions test the state of the various flags of the status register. All variables are memory based. Any manipulation of variables normally involves three steps,

  1. Load the variable into a register
  2. Perform the operation
  3. Store the result back into the variables location

Continue reading “Assembly Language: Implementation of High level Language Constructs”


Content Security Policy (CSP) for ASP.NET MVC

This series of blog posts goes through the additions made to the default ASP.NET MVC template to build the ASP.NET MVC Boilerplate project template. You can create a new project using this template by installing the Visual Studio template extension or visit the GitHub site to view the source code.

What is CSP?

For a true in-depth look into CSP, I highly recommend reading Mozilla‘s documentation on the subject. It really is the best resource on the web. I will assume that you’ve read the documentation and will be going through a few examples below.

Content Security Policy or CSP is a great new HTTP header that controls where a web browser is allowed to load content from and the type of content it is allowed to load. It uses a white-list of allowed content and blocks anything not in the allowed list. It gives us very fine grained control and allows us to run our site in a sandbox in the users browser.

CSP is all about adding an extra layer of security to your site using a Defence in Depth strategy.

The idea behind the defense in depth approach is to defend a system against any particular attack using several independent methods

It helps detect and mitigate Cross Site Scripting (XSS) and various data injection attacks, such as SQL Injection. Continue reading “Content Security Policy (CSP) for ASP.NET MVC”