Stack Overflow
Stack Overflow

Questions tagged [sensitive-data]

Please do not use this tag. Almost all data is in some way sensitive. Use the [security], [cryptography] or [credentials] tag instead.

91 questions
2
votes
2 answers

in MVC, how to verify reliability of submitted form hidden fields?

In mvc, when submitted to a controller, how can I verify that a user hasn't maliciously changed readonly hidden form fields?
Tal l
  • 265
  • 1
  • 3
  • 12
2
votes
3 answers

how to pass sensitive data from view to controller

In order to construct an entity with quite a lot of information, I need to performe a sequence of forms submitting. Every time I return a view from a controller, I need to pass some id's about the not yet established entity. Right now I inject these…
Tal l
  • 265
  • 1
  • 3
  • 12
2
votes
3 answers

Java and Web development: good practices to store custom sensitive data such as private keys, API keys, etc

What do you advise to store custom sensitive data within a Spring MVC application (or within any other JAVA Web MVC application actually)? Let's say I've an API key and I need it to be available for my controllers. Several solutions I could think…
sp00m
  • 47,968
  • 31
  • 142
  • 252
1
vote
0 answers

Create a Wordpress User with user supplied password after successful PaymentIntent via Stripe

I have a form where a user provides a desired username/password for an account when they pay to create a membership. I am using Wordpress as the CMS to handle users/authentication. I am using the Stripe PaymentsIntent API to process the…
RCNeil
  • 8,581
  • 12
  • 43
  • 61
1
vote
2 answers

Android Studio - how to securely store SHA-1 key in app

I have an android native app and for security reasons now the client says to encrypt SHA-1 key. I checked for the app for generated certificates it shows SHA-1 SHA-256 and MD5. How do I store it all securedly? I referred to these examples but…
Abm
  • 271
  • 2
  • 15
1
vote
5 answers

How to correctly store secret keys on React App?

I was happy lasts days using **.env **file with the npm dotenv package and saving there some secret keys i use on my React App... On my first test opload I noticed that my webbApp runs ok EVEN without specifying the .env secret keys on the…
ferter3006
  • 299
  • 10
1
vote
2 answers

OPA: Mask sensitive data

I want to mask the password in my Open Policy Agent (OPA) logs. This is my input data: { "decision_id":"71e99093-b980-4c67-bd0c-87fcc071571a", "input":{ "attributes":{ ..... , "request":{ "http":{ "body":"{\r\n …
flo-ferox
  • 158
  • 1
  • 8
1
vote
1 answer

Acces file from Azure Data Lake sensitive storage by databricks

I m accesing to files in the normal storage by the following method: input_path = "my_path" file= "file.mp3" path = os.path.join(path_data, file) full_path = '/dbfs/' + path with open(full_path, mode='rb') as file: # b is important -> binary …
Enrique Benito Casado
  • 1,914
  • 1
  • 20
  • 40
1
vote
1 answer

Private access to exact container in Azure Storage Explorer

I need to store some sensitive data in one container in Storage Explorer. The container has Container Public Access Level set as No public access. But still all members have access to this container. Where to change the settings (Azure Active…
Ronika
  • 13
  • 2
1
vote
1 answer

BizTalk 2020: obfuscate sensitive tracked data sent to application insights

I have enabled the analytics options in BizTalk Server 2020. All the data is sent to Azure Application Insights. But there is too much sensitive data like username and password that are not encrypted in the customDimensions of the send port…
MQV
  • 11
  • 1
1
vote
0 answers

Salesforce Managed package security review, how can I change custom settings field visibility which contains sensitive data to private or protected?

In the process of getting a managed package reviewed by Salesforce and it has been flagged for Insecure Storage of Sensitive Data and they highlight the following xml.
djXplosivo
  • 11
  • 4
1
vote
1 answer

How to hide sensitve values in error messages in Azure PowerShell?

In azure Powershell I use the command "az vm run-command invoke" to execute scripts to virtual machines, the problem is when for some reason it doesn't work, it prints in the error message all the parameters'value in clear, and these parameters are…
Elias Arellano
  • 433
  • 5
  • 16
1
vote
1 answer

How can I extract out sensitive information when pushing to a git repository?

I have a function that I call somewhere within my classes that looks like this: RLP.Unlock("User ID", new byte[] { ... }); The data is per-user information provided by the hardware manufacturers, which essentially says that whatever you use the…
Eric
  • 95,302
  • 53
  • 242
  • 374
1
vote
0 answers

AWS API Gateway - Enable $input for CloudWatch Log

I have a REST API exposed in API Gateway and those requests have path params and query params. I want to store some data from the request in CloudWatch. In the settings I have checked the Log full requests/responses data option. In the Custom…
user1911
  • 680
  • 1
  • 14
  • 36
1
vote
1 answer

Censoring sensitive data on Google DialogFlow

On Google dialog flow, is there a way to censor sensitive data. Suppose the user enters his credit card data, is there way to either have ** in place of the credit number, or the entire sentence? I tried sending a HTTP patch request as per…
Milind Mathai
  • 11
  • 1
1 2
3
4 5 6 7