@@RawCoding Hey I m a bit confused between the old playlist and this new one ? Here is my interpretration : - Old playlist - it is for securing dotnet MVC application, also it uses dotnet core Identity Framework - New playlist - it is for minimal APIs, and this one doesn't use dotnet core Identity Framework Some doubts : - Can we use dotnet core Identity Framework in this minimal API setup similar to MVC setup ? - (follow up ques to prev one) If yes, then why didn't you implement identity in this playlist ?
an idea for your next video in this series - a cross site scripting attack the full demo story (based on the story you mention at 20:00). It will be a hit!
Dear Anton, I hope you are doing well. I love the way you teach. I chose your videos out of all the huge learning I had to do. I have a question (and several more as I go along): Why are my cookies being reissued without setting a SlidingExpiration to true? I'm using Edge Version 120.0.2210.121 and vscode with .Net SDK 8. It seems that the SlidingExpiration default value is true.
in 46:18 you attach external dll in your debugging How we do that in visual studio ? as you know in some cases I need to debug in other's dlls or packges to see behaivour
Take the order with a grain of salt. There is no preset to authentication real you can finish this at cookies or implement impersonation with cookie or token auth. Try to find topics that you want to learn about rather than follow the order.
I have to say you are way better in these videos. I think the reason is you are more calm. In previous videos you say lot of stuff continuously and it is hard for audience to catch what you are saying. And it is much better when you don't fouce the audience to follow best practices that you think are the best.
(21:30) "...never really want to set that flag to true..." Don't you mean "never want to to set it to false"? Surely you meant to say that we *do* want to make cookies http only unless we have a good reason otherwise, no?
great stuff as always, bell is clicked! :P do you know of a scenario where cookie is not cleared even though server sends the header with "cookie=;"? Our playwright tests have some troubles with that
@@RawCoding oh, cool! I saw a lot of people say the drawback of session storage is that you have to make sure your user hits the same server if your servers scale horizontally or you have to store the cookie data in a database. Thank you for the response btw! You are an amazing teacher and very knowledgeable,
@@RawCoding Ooooh. Your accent sounded close to the usual Portuguese accent so I wondered about that. This is not to say you speak bad English, far from it! Keep up the good work 💪
Amazing… Thanks for this video sir. Can you please make Video on the best way to use HttpClient and get the Cookie from HttpClient after Login? Please 😊
Really appreciate these in depth explanations, keep doing great Anton!
Cheers
@@RawCoding Hey I m a bit confused between the old playlist and this new one ?
Here is my interpretration :
- Old playlist - it is for securing dotnet MVC application, also it uses dotnet core Identity Framework
- New playlist - it is for minimal APIs, and this one doesn't use dotnet core Identity Framework
Some doubts :
- Can we use dotnet core Identity Framework in this minimal API setup similar to MVC setup ?
- (follow up ques to prev one) If yes, then why didn't you implement identity in this playlist ?
The way you talk and explain things are really cool, easy to understand. Perfect!
Thank you )
that content is a treasure
This is gold, compared to lots of other videos.. Should have more likes
This is great! Thank you. VS has also recently been able to decompile - we finally got it :)
Thanks for taking the time to explain this in detail. Loved it!
Your videos are gold.
Great video Anton👍
Flabbergasting explanation, thank you.
holy shit
god damn
an idea for your next video in this series - a cross site scripting attack the full demo story (based on the story you mention at 20:00). It will be a hit!
Nice suggestion! I’ll make it at some point
Thanks for the explanation, SERVICIEZZZZZZ
You know what brother??
.
.
.
.
.
.
.
.
Thanks, I had a lot of issues understanding this concept! ❤
what a background ^
🍑
Dear Anton, I hope you are doing well. I love the way you teach. I chose your videos out of all the huge learning I had to do.
I have a question (and several more as I go along): Why are my cookies being reissued without setting a SlidingExpiration to true? I'm using Edge Version 120.0.2210.121 and vscode with .Net SDK 8. It seems that the SlidingExpiration default value is true.
27:00 default schema
Gold Value here !
@21:26 you wanted to say "never set that flag to false" ?
Yes!
in 46:18 you attach external dll in your debugging How we do that in visual studio ?
as you know in some cases I need to debug in other's dlls or packges to see behaivour
I think visual studio is limited in this regard
Hey anotn, i'm wondring is the playlist ordered correctly?
cuz i'm seeing some 5 months ago video followed by 8 months followed by 1 month.. and so on
Take the order with a grain of salt. There is no preset to authentication real you can finish this at cookies or implement impersonation with cookie or token auth. Try to find topics that you want to learn about rather than follow the order.
How do you attach debugger to a specific process? Can you show us how to do that in Rider with Resharper ? Thank you
Press shift shift for all commands and type attach to process
Hey Anton, it owuld be good to increase the size of the code it's hard to read on a mobile
I have to say you are way better in these videos. I think the reason is you are more calm. In previous videos you say lot of stuff continuously and it is hard for audience to catch what you are saying. And it is much better when you don't fouce the audience to follow best practices that you think are the best.
(21:30) "...never really want to set that flag to true..."
Don't you mean "never want to to set it to false"? Surely you meant to say that we *do* want to make cookies http only unless we have a good reason otherwise, no?
great stuff as always, bell is clicked! :P do you know of a scenario where cookie is not cleared even though server sends the header with "cookie=;"? Our playwright tests have some troubles with that
nope, unless there are multiple sessions running in multiple tabs.
@@RawCoding do multiple workers count as multiple tabs? :D
@@Qrzychu92 don't know don't use selenium
If you have a test that sign out on one worker and then next test depends on being signed out runs on a different one maybe you’re in trouble
these cookies are stored on the server right? so if the client makes a request to a different server they would have to log in again?
Cookie is not stored on the server
@@RawCoding oh, cool! I saw a lot of people say the drawback of session storage is that you have to make sure your user hits the same server if your servers scale horizontally or you have to store the cookie data in a database.
Thank you for the response btw! You are an amazing teacher and very knowledgeable,
That is true if you have session storage, but you don’t have it by default.
@@RawCoding oh i see i was mixing them up then
Hey, just wondering are you Portuguese?
nah, I'm from Latvia
@@RawCoding Ooooh. Your accent sounded close to the usual Portuguese accent so I wondered about that. This is not to say you speak bad English, far from it! Keep up the good work 💪
@@RawCoding Your accent is amazing dear Anton
Amazing…
Thanks for this video sir.
Can you please make Video on the best way to use HttpClient and get the Cookie from HttpClient after Login? Please 😊
What are you trying to do? Otherwise look in the Set-Cookie header
Anton, really? Or did I misheard?
Yep my name is Anton )
Second!