Skip to content

Endpoint route metadata that is applied and never evaluated might be problematic #8526

New issue
New issue
Closed
Closed
Endpoint route metadata that is applied and never evaluated might be problematic#8526
Assignees
pranavkm
Labels
✔️ Resolution: DuplicateResolved as a duplicate of another issuearea-mvcIncludes: MVC, Actions and Controllers, Localization, CORS, most templatesenhancementThis issue represents an ask for new feature or an enhancement to an existing one
@DamianEdwards

Description

@DamianEdwards
DamianEdwards
opened on Mar 14, 2019

It's very easy to add required endpoint metadata that won't be evaluated at all which in some cases could be a security issue (e.g. authorization) from the point of view of the user. Idea here is to enable marking metadata as requiring to be evaluated and if it isn't by execution, throw. This could also be codified at design/compile-time with analyzers.

@rynowak @davidfowl

Metadata

Metadata

Assignees

Labels

✔️ Resolution: DuplicateResolved as a duplicate of another issuearea-mvcIncludes: MVC, Actions and Controllers, Localization, CORS, most templatesenhancementThis issue represents an ask for new feature or an enhancement to an existing one

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions