Doing some testing, currently, and running into some issues with this. We've got a couple cases where things like 'cast' or 'open' are appropriate for our webpages. I've setup an AlwaysAllowedQueryStrings section: [AlwaysAllowedQueryStrings] branch=Openshaw branch=Newcastle+upon...

Hi Zhao, Thank you for your reply. I now understand how [AlwaysAllowedUrls] works and where the query string check is still performed on the allowed Urls. To clarify, here is what I would like to achieve. For instance, I would like the following 'url+query string' to be valid: http://www.domain...

Hi, A Sys Admin account in MS SQL give you access to all databases and gives you all privileges. So basically you don't need any other rights. I'm not sure if a Windows Admin account has admin right in MS SQL. I believe you need to add the Windows Account to MS SQL and grant that account proper...

[quote user="bjornen"] Thanks a lot alexhiggins732 I added this script to the website and it seems to work very well already. Only few hours after I set it up, he tried again. This time he was not able to destroy any data in the database. I got the email with the below information. Is there...