I'm happy you found it useful. Thanks for watching
@Codewrinkles 4 months ago
Glad it was helpful!
@Tolmachovtv10 months ago
Thank you for such short and clear explanation, especially for practical examples
@uzayrsyed6293 a year ago
Love the fact you actually demonstrated these security concepts with code. Thank you! Also for the Broken Object Level Authorization example could we alternatively embed the shopId into the jwt token or cookie as a claim on login then the subsequent requests to the "revenue" endpoint can use this shopId to fetch revenue?
@Codewrinkles a year ago
Theoretically yes, but that would become more cumbersome when I have more shops. The important idea is that you need to verify that only the shop owner can view the revenue. How you do it is up to you. Be creative.
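The ownership check discussed in this exchange, as an added example that is not code from the video or from either commenter. The shop ids, user names, revenue figures and function names are all constructed for illustration, and the claim-based variant assumes the token's signature has already been verified.

```python
# Added illustration: object-level authorization for a "revenue" lookup.
# All names and data are constructed; none of this is the video's code.

class Forbidden(Exception):
    """Raised when the caller may not read the requested shop."""

# Server-side records: shop id -> owner user id (constructed sample data).
SHOP_OWNERS = {"shop-1": "alice", "shop-2": "alice", "shop-3": "bob"}
REVENUE = {"shop-1": 1200, "shop-2": 300, "shop-3": 950}


def revenue_unchecked(shop_id):
    """Broken form: trusts the shop id from the request as-is."""
    return REVENUE[shop_id]


def revenue_by_lookup(authenticated_user, shop_id):
    """Check ownership against server-side data on every request."""
    if authenticated_user is None or SHOP_OWNERS.get(shop_id) != authenticated_user:
        raise Forbidden(shop_id)
    return REVENUE[shop_id]


def revenue_by_claim(verified_claims, shop_id):
    """Variant from the question: owned shop ids carried as a token claim.

    The requested id must still be compared with the claim. The claim grows
    with every shop and goes stale if ownership changes before expiry.
    """
    if shop_id not in verified_claims.get("shop_ids", []):
        raise Forbidden(shop_id)
    return REVENUE[shop_id]


def is_allowed(check, *args):
    """True if the check returns revenue, False if it raises Forbidden."""
    try:
        check(*args)
        return True
    except Forbidden:
        return False
```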
@asiridissanayaka68498 months ago
Very much practical and well explained.
@broadshare9 months ago
Very practical, thank you.
@zeeshanasghar3751 a year ago
love it, simple and precise
@Codewrinkles a year ago
Glad you liked it.
@DeepWorksStudios a year ago
Great content, keep it up!
@Codewrinkles a year ago
Thank you! I do my best to keep it up :)
@dotnetdevni a year ago
I have been thinking about this more and more: should I be encrypting the payload? I always have SSL and all, but most of the time I'm passing JSON data.
@Codewrinkles a year ago
Maybe I'm missing something. The entire request is encrypted. Why also encrypt the payload?
@matt-irby a year ago
Awesome video!
@Codewrinkles a year ago
Glad you enjoyed it. Make sure to share it.
@arunbm12316 days ago
❤
@hifirulezzz a year ago
Security is important, but who is sending id in the header? It is dumb. Token should be created and encrypted during login. Only token contains information for authentication and authorization