Reputation: 1695
Redacting ASP.net web.config File Contents
Other than database connection strings, by default are there any sensitive values populated in web.config by Visual Studio 2008? What are PublicKeyToken values are these sensitive values? Would it be bad security practice to publish web.config files with connection strings redacted?
Upvotes: 0
Views: 170
Answers (2)
Reputation: 1813
Public key tokens are used in association with private key tokens to sign .NET assemblies. The public key tokens are not sensitive. As for connection strings, it is common practice to encrypt the connection string and keep them in the web.config.
Upvotes: 1
Reputation: 161801
PublicKeyToken are not sensitive.
As to redacting connection strings, who are you afraid of? Who's going to get hold of your web.config?
Upvotes: 1
Related Questions
- Editing a web.config file
- asp.net web config security
- How to remove element from ConfigSections in .NET 4.5
- web.config.CLR4 file
- Modifying a web.config in ASP.NET 4.0
- Editing the Web.config
- Asp.net 4.0 - Web.config file refactoring
- Modifying a web.config file as if it was a text file
- Removing a Section from Web.Config
- Web.Config file in asp.net