AspNetCore.Docs/aspnetcore/signalr/security/sample
Rick Anderson 36e2502ce8
UE edit of Security considerations in ASP.NET Core SignalR (#9088)
[Internal review URL](https://review.docs.microsoft.com/en-us/aspnet/core/signalr/security?view=aspnetcore-2.1&branch=pr-en-us-9088)

- Kill long sentences. Long sentences are difficult for native speakers and impossible for MT (machine translation).
- Format code to prevent horizontal scroll bar on tablets 85 characters wide. You can simulate tablets by viewing in a browser of the maximum width that doesn't have left or right panes (TOCs).
- Prune dead wood. Avoid unnecessary words that don't add meaning to the text.
- Avoid "you" except when it makes the statement more clear.

  - For example, the following CORS policy allows a SignalR browser client hosted on `http://example.com` to access **your** SignalR app:
  - For example, the following CORS policy allows a SignalR browser client hosted on `http://example.com` to access the SignalR app hosted on `http://signalr.example.com`:
- Avoid Wikipedia links
- Code snippets

Explicit sign-off required on my security rewording below:
- [ ]  Allow cross-origin requests only from domains you trust or control. 

The following are slightly too long but I couldn't find an elegant way to shorten them (not that my other trimming was elegant):

- Applications should be configured to validate these headers to ensure that only WebSockets coming from the expected origins are allowed.
2018-10-19 09:10:45 -10:00
..
Startup.cs UE edit of Security considerations in ASP.NET Core SignalR (#9088) 2018-10-19 09:10:45 -10:00