mastodontech.de ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Offen für alle (über 16) und bereitgestellt von Markus'Blog

Serverstatistik:

1,5 Tsd.
aktive Profile

#webapi

1 Beitrag1 Beteiligte*r1 Beitrag heute

File encryption with a browser.

I've been exploring the #WebCryptoAPI and I'm impressed!

When combined with the #FileSystemAPI, it offers a seemingly secure way to #encrypt and #store files directly on your device. Think #localstorage, but with #encryption!

I know #webapps can have #security vulnerabilities since the code is served over the web, so I've #OpenSourced my demo! You can check it out, and it should even work if #selfhosted on #GitHubPages.

Live Demo: dim.positive-intentions.com/?p

Demo Code: github.com/positive-intentions

Hook Code: github.com/positive-intentions

IMPORTANT NOTES (PLEASE READ!):
* This is NOT a product. It's for #testing and #demonstration purposes only.
* It has NOT been reviewed or audited. Do NOT use for sensitive data.
* The "password encryption" currently uses a hardcoded password. This is for demonstration, not security.
* This is NOT meant to replace robust solutions like #VeraCrypt. It's just a #proofofconcept to show what's possible with #browser #APIs.

dim.positive-intentions.com@storybook/core - Storybook

I am in the situation that I need to talk to a #WebAPI that I am not familiar with (PlayFab). The documentation could be better, so there is a lot of stuff that I need to find out by trial-and-error.

Some weeks ago I bought an issue of the c't magazine - the only one I bought in years - that by chance had an article about a tool for such a situation: #Bruno (usebruno.com/).

After playing around a bit with it: Full recommendation.

www.usebruno.combruno

Question for the .Net developers. When working with a service layer and WebAPI where do you put the user input *format* validation? controller/endpoint, service, or both?

I'm currently using fluentvalidation for format validation, validated at the WebAPI endpoint(s), and business logic validation within the service layer. Any serious formatting issues would cause a model exception, which seems fair as if invalid user data reaches the service layer I consider it exceptional