Fix capitalization (#6994)
Jonathan
Luke Latham
parent
144be17440
commit
0e9e4a0c49
|
|
@ -1,11 +1,12 @@
|
|||
---
|
||||
title: General Data Protection Regulation (GDPR) support in ASP.NET Core
|
||||
author: rick-anderson
|
||||
description: Shows how to access the GDPR extension points in a ASP.NET Core web app.
|
||||
description: Learn how to access the GDPR extension points in a ASP.NET Core web app.
|
||||
manager: wpickett
|
||||
monikerRange: '>= aspnetcore-2.1'
|
||||
ms.author: riande
|
||||
ms.date: 5/29/2018
|
||||
ms.custom: mvc
|
||||
ms.date: 05/29/2018
|
||||
ms.prod: asp.net-core
|
||||
ms.technology: aspnet
|
||||
ms.topic: article
|
||||
|
|
@ -18,7 +19,7 @@ By [Rick Anderson](https://twitter.com/RickAndMSFT)
|
|||
ASP.NET Core provides APIs and templates to help meet some of the [EU General Data Protection Regulation (GDPR)](https://www.eugdpr.org/) requirements:
|
||||
|
||||
* The project templates include extension points and stubbed markup you can replace with your privacy and cookie use policy.
|
||||
* A cookie consent feature allows you to ask for (and track) consent from your users for storing personal information. If a user has not consented to data collection and the app is set with [CheckConsentNeeded](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyoptions.checkconsentneeded?view=aspnetcore-2.1#Microsoft_AspNetCore_Builder_CookiePolicyOptions_CheckConsentNeeded) to `true`, non-essential cookies will not be sent to the browser.
|
||||
* A cookie consent feature allows you to ask for (and track) consent from your users for storing personal information. If a user has not consented to data collection and the app is set with [CheckConsentNeeded](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyoptions.checkconsentneeded) to `true`, non-essential cookies will not be sent to the browser.
|
||||
* Cookies can be marked as essential. Essential cookies are sent to the browser even when the user has not consented and tracking is disabled.
|
||||
* [TempData and Session cookies](#tempdata) are not functional when tracking is disabled.
|
||||
* The [Identity manage](#pd) page provides a link to download and delete user data.
|
||||
|
|
@ -31,18 +32,18 @@ The [sample app](https://github.com/aspnet/Docs/tree/live/aspnetcore/security/gd
|
|||
|
||||
Razor Pages and MVC projects created with the project templates include the following GDPR support:
|
||||
|
||||
* [CookiePolicyOptions](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyoptions?view=aspnetcore-2.0) and [UseCookiePolicy](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyappbuilderextensions.usecookiepolicy?view=aspnetcore-2.0#Microsoft_AspNetCore_Builder_CookiePolicyAppBuilderExtensions_UseCookiePolicy_Microsoft_AspNetCore_Builder_IApplicationBuilder_) are set in `Startup`.
|
||||
* [CookiePolicyOptions](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyoptions) and [UseCookiePolicy](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyappbuilderextensions.usecookiepolicy) are set in `Startup`.
|
||||
* The *_CookieConsentPartial.cshtml* [partial view](xref:mvc/views/tag-helpers/builtin-th/partial-tag-helper).
|
||||
* The *Pages/Privacy.cshtml* or *Home/Privacy.cshtml* view provides a page to detail your site's privacy policy. The *_CookieConsentPartial.cshtml* file generates a link to the privacy page.
|
||||
* For applications created with individual user accounts, the manage page provides links to download and delete [personal user data](#pd).
|
||||
|
||||
### CookiePolicyOptions and UseCookiePolicy
|
||||
|
||||
[CookiePolicyOptions](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyoptions?view=aspnetcore-2.0) are initialized in the `Startup` class `ConfigureServices` method:
|
||||
[CookiePolicyOptions](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyoptions) are initialized in the `Startup` class `ConfigureServices` method:
|
||||
|
||||
[!code-csharp[Main](gdpr/sample/Startup.cs?name=snippet1&highlight=14-20)]
|
||||
|
||||
[UseCookiePolicy](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyappbuilderextensions.usecookiepolicy?view=aspnetcore-2.0#Microsoft_AspNetCore_Builder_CookiePolicyAppBuilderExtensions_UseCookiePolicy_Microsoft_AspNetCore_Builder_IApplicationBuilder_) is called in the `Startup` class `Configure` method:
|
||||
[UseCookiePolicy](/dotnet/api/microsoft.aspnetcore.builder.cookiepolicyappbuilderextensions.usecookiepolicy) is called in the `Startup` class `Configure` method:
|
||||
|
||||
[!code-csharp[Main](gdpr/sample/Startup.cs?name=snippet1&highlight=49)]
|
||||
|
||||
|
|
@ -88,7 +89,7 @@ Notes:
|
|||
|
||||
* To generate the `Account/Manage` code, see [Scaffold Identity](xref:security/authentication/scaffold-identity).
|
||||
* Delete and download only impact the default identity data. Apps the create custom user data must be extended to delete/download the custom user data. GitHub issue [How to add/delete custom user data to Identity](https://github.com/aspnet/Docs/issues/6226) tracks a proposed article on creating custom/deleting/downloading custom user data. If you'd like to see that topic prioritized, leave a thumbs up reaction in the issue.
|
||||
* Saved tokens for the user that are stored in the Identity database table `AspNetUserTokens` are deleted when the user is deleted via the cascading delete behavior due to the [foreign key](https://github.com/aspnet/Identity/blob/b4fc72c944e0589a7e1f076794d7e5d8dcf163bf/src/EF/IdentityUserContext.cs#L152).
|
||||
* Saved tokens for the user that are stored in the Identity database table `AspNetUserTokens` are deleted when the user is deleted via the cascading delete behavior due to the [foreign key](https://github.com/aspnet/Identity/blob/release/2.1/src/EF/IdentityUserContext.cs#L152).
|
||||
|
||||
## Encryption at rest
|
||||
|
||||
|
|
@ -101,17 +102,17 @@ Some databases and storage mechanisms allow for encryption at rest. Encryption a
|
|||
|
||||
For example:
|
||||
|
||||
* Microsoft SQL and Azure SQL provide [Transparent Data Encryption](https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption?view=sql-server-2017) (TDE).
|
||||
* [SQL Azure encrypts the database by default](https://azure.microsoft.com/en-us/updates/newly-created-azure-sql-databases-encrypted-by-default/)
|
||||
* [Azure Blobs, Files, Table, and Queue Storage are encrypted by default](https://azure.microsoft.com/en-us/blog/announcing-default-encryption-for-azure-blobs-files-table-and-queue-storage/).
|
||||
* Microsoft SQL and Azure SQL provide [Transparent Data Encryption](/sql/relational-databases/security/encryption/transparent-data-encryption) (TDE).
|
||||
* [SQL Azure encrypts the database by default](https://azure.microsoft.com/updates/newly-created-azure-sql-databases-encrypted-by-default/)
|
||||
* [Azure Blobs, Files, Table, and Queue Storage are encrypted by default](https://azure.microsoft.com/blog/announcing-default-encryption-for-azure-blobs-files-table-and-queue-storage/).
|
||||
|
||||
For databases that don't provide built-in encryption at rest you may be able to use disk encryption to provide the same protection. For example:
|
||||
|
||||
* [Bitlocker for windows server](https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server)
|
||||
* [BitLocker for Windows Server](/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server)
|
||||
* Linux:
|
||||
* [eCryptfs](https://launchpad.net/ecryptfs)
|
||||
* [EncFS](https://github.com/vgough/encfs).
|
||||
|
||||
## Additional Resources
|
||||
|
||||
* [Microsoft.com/GDPR](https://www.microsoft.com/en-us/trustcenter/Privacy/GDPR)
|
||||
* [Microsoft.com/GDPR](https://www.microsoft.com/trustcenter/Privacy/GDPR)
|
||||
|
|
|
|||
Loading…
Reference in New Issue