Subscribe: Comments on Nick Coblentz: Reducing Information Disclosure in ASP.NET Web Ser...
http://nickcoblentz.blogspot.com/feeds/8371972850386406759/comments/default
Preview: Comments on Nick Coblentz: Reducing Information Disclosure in ASP.NET Web Ser...

Comments on Nick Coblentz: Reducing Information Disclosure in ASP.NET Web Services





Updated: 2017-09-27T05:46:20.721-05:00

 



Wyatt, You are correct for some situations; howev...

2010-02-12T14:34:56.413-06:00

Wyatt,

You are correct for some situations; however, it will not always workout that only trusted folks will access the end-points.

That said, this article provides as many methods as possible to reduce information disclosure in your web services. In an actual business application, the need to make the service secure must be balanced against the business requirements of its partners or consumers.



You could avoid all of this by only allowing trust...

2010-02-12T14:10:48.664-06:00

You could avoid all of this by only allowing trusted users to access your REST endpoints. Also, if you are allowing trusted devs to access your REST endpoints you would want to provide them with some of these exception messages so that they can debug what is failing.