Skip to content

ROPC remediation - configuration/index.md, use-http-context.md, new include file #33858

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Oct 29, 2024
Merged

ROPC remediation - configuration/index.md, use-http-context.md, new include file #33858

merged 10 commits into from
Oct 29, 2024

Conversation

@tdykstra
Copy link
Contributor

@tdykstra tdykstra commented Oct 16, 2024
edited
Loading

tdykstra
tdykstra commented Oct 17, 2024
View reviewed changes
@tdykstra tdykstra marked this pull request as ready for review October 22, 2024 20:41
@tdykstra tdykstra requested review from Rick-Anderson and removed request for Rick-Anderson October 22, 2024 20:42
Rick-Anderson
Rick-Anderson suggested changes Oct 23, 2024
View reviewed changes
aspnetcore/fundamentals/configuration/index/includes/index7.md Outdated
* Never store passwords or other sensitive data in configuration provider code or in plain text configuration files. The [Secret Manager](xref:security/app-secrets) tool can be used to store secrets in development.
* Don't use production secrets in development or test environments.
* Specify secrets outside of the project so that they can't be accidentally committed to a source code repository.
* Avoid the use of passwords in production apps; for more information, see [Secure authentication flows](xref:security/index#secure-authentication-flows).
Copy link
Contributor

@Rick-Anderson Rick-Anderson Oct 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same

tdykstra
tdykstra commented Oct 28, 2024
View reviewed changes
Rick-Anderson
Rick-Anderson previously requested changes Oct 28, 2024
View reviewed changes
Copy link
Contributor

@Rick-Anderson Rick-Anderson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix
avoid the use of passwords in production apps

tdykstra
tdykstra commented Oct 29, 2024
View reviewed changes
@tdykstra
Copy link
Contributor Author

tdykstra commented Oct 29, 2024

Fix avoid the use of passwords in production apps

Fixed. I forgot it was also in the 6 and 7 includes.

@tdykstra tdykstra dismissed Rick-Anderson’s stale review October 29, 2024 00:54

Fixed the text that the review asked to be fixed.

Rick-Anderson
Rick-Anderson approved these changes Oct 29, 2024
View reviewed changes
Copy link
Contributor

@Rick-Anderson Rick-Anderson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice

@tdykstra tdykstra merged commit 53c28a6 into dotnet:main Oct 29, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@Rick-Anderson Rick-Anderson Rick-Anderson approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

ROPC remediation - configuration/index.md, use-http-context.md, new include file

2 participants

@tdykstra @Rick-Anderson