views:

81

answers:

1

Where can I learn how WebResources.axd or ScriptResources.axd actually works?

What is the string that is appended to the .axd? Does this string change, or is it constant? Is it page, session specific? Can these files be cached on a proxy?

How does it work internally? This is especially important after the ASP.NET vulnerability was discovered... as other people may want to not implement similar coding errors.

My understanding is that an encrypted key is used to direct how they operate.. (machine key) but I don't know much more.