6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"ASP.NET MVC - Where is HttpContext.Current stored?\",\"text\":\"

I'm storing a lot of sensitive information in it. Is it something that can be seen by end-user?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"TPR\"},\"upvoteCount\":1,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

No it cannot. It's fine to store sensitive information there. In fact - it's where .net membership creates the User object for authentication.

\\n\\n

http://msdn.microsoft.com/en-us/library/ff650037.aspx

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"James Hull\"},\"upvoteCount\":2}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","asp.net",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/asp.net/1","children":"asp.net"}]}],["$","span","asp.net-mvc",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/asp.net-mvc/1","children":"asp.net-mvc"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/50ec6487c34d1f42a2e549a21b618c9b?s=256&d=identicon&r=PG","alt":"TPR","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/167520/tpr","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"TPR"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",2577]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"ASP.NET MVC - Where is HttpContext.Current stored?"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I'm storing a lot of sensitive information in it. Is it something that can be seen by end-user?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",844]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","8307344",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/a8402e833cdcd9e5ff70c3e7b8556062?s=256&d=identicon&r=PG","alt":"James Hull","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/325399/james-hull","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"James Hull"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",3689]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

No it cannot. It's fine to store sensitive information there. In fact - it's where .net membership creates the User object for authentication.

\n\n

http://msdn.microsoft.com/en-us/library/ff650037.aspx

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",2]}]}]]}],["$","div","8307333",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/90420a24f64b7af3ef9dba9b9168bc38?s=256&d=identicon&r=PG","alt":"Kemal Can Kara","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/1068947/kemal-can-kara","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Kemal Can Kara"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",416]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

Actually no. The session informations are in your server. \nHidden html objects (including view state), cookies or your querystring can be seen by end - user

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","19509672",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/19509672","className":"text-blue-600 hover:underline","children":"Why is HttpContext.Current null?"}]}],["$","li","67335974",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/67335974","className":"text-blue-600 hover:underline","children":"System.Web.HttpContext.Current get lost"}]}],["$","li","38237129",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/38237129","className":"text-blue-600 hover:underline","children":"Convert System.Web.HttpContext.Current to System.Web.HttpContextBase"}]}],["$","li","54456634",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/54456634","className":"text-blue-600 hover:underline","children":"Access System.Web.HttpContext.Current in ASP.NET Core project targeting .net framework"}]}],["$","li","3416966",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/3416966","className":"text-blue-600 hover:underline","children":"How does HttpContext.Current work?"}]}],["$","li","22323448",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/22323448","className":"text-blue-600 hover:underline","children":"Why HttpContext.Current always null in user defined class in asp.net mvc?"}]}],["$","li","2988861",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2988861","className":"text-blue-600 hover:underline","children":"how to access HttpContext.Current.Application"}]}],["$","li","9119345",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/9119345","className":"text-blue-600 hover:underline","children":"MVC, not "supposed" to use HttpContext.Current anymore?"}]}],["$","li","5648892",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/5648892","className":"text-blue-600 hover:underline","children":"Where does a HttpContext value get stored"}]}],["$","li","599759",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/599759","className":"text-blue-600 hover:underline","children":"Controller equivalent of HttpContext.Current in ASP.NET MVC"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

ASP.NET MVC - Where is HttpContext.Current stored?

Answers (2)

Related Questions