Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[EasyApiToken] Modernize the code #1474

Merged
merged 1 commit into from
Jul 16, 2024

Conversation

itorgov
Copy link
Contributor

@itorgov itorgov commented Jul 16, 2024

Q A
Bug fix? no
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets https://eonx.atlassian.net/browse/MTCE-260

@eonx-space-to-github-reviews
Copy link

@itorgov itorgov changed the base branch from master to 6.x July 16, 2024 03:09
@itorgov itorgov changed the title Feature/mtce 260 easy api token modernize the code [EasyApiToken] Modernize the code Jul 16, 2024
@eonx-space-to-github-reviews
Copy link

Copy link
Contributor

@alexndlm alexndlm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @itorgov. Code review complete. Nice job!

Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):

  • Protect from Injection attacks
  • Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
  • Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
  • Protect against XSS and CSRF
  • Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
  • Ensure all important errors and business logic cases are handled
  • Ensure forwards and redirects are handled
  • Ensure no sensitive data is exposed and appropriate logging in place as required

See procedure for more details: PROC-010 Secure Coding Practices

Copy link
Contributor

@roman-eonx roman-eonx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code review approved. Keep up the good work!

Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):

  • Protect from Injection attacks
  • Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
  • Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
  • Protect against XSS and CSRF
  • Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
  • Ensure all important errors and business logic cases are handled
  • Ensure forwards and redirects are handled
  • Ensure no sensitive data is exposed and appropriate logging in place as required

See procedure for more details: PROC-010 Secure Coding Practices

@roman-eonx roman-eonx merged commit dcb9ac4 into 6.x Jul 16, 2024
41 checks passed
@roman-eonx roman-eonx deleted the feature/MTCE-260-easy-api-token-modernize-the-code branch July 16, 2024 08:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants