From ad9a0c4def222aaf044e51f8ee0939911cb58471 Mon Sep 17 00:00:00 2001 From: Raymond Chen Date: Wed, 25 May 2022 17:00:12 -0700 Subject: [PATCH] Windows 11 - May 2022 Samples Update 2 * BluetoothLE: C++/WinRT translation errors * CustomCapability: Stick with .NET version 5.0.0, aligns with other samples * WebAuthenticationBroker: Fix C++/CX Facebook oauth scope to match C# * Add SECURITY.md, fix README links due to rename of default branch --- README.md | 4 +- SECURITY.md | 41 +++++++++++++++++++ .../BluetoothLE/cppwinrt/Package.appxmanifest | 2 + .../BluetoothLE/cppwinrt/Scenario2_Client.cpp | 2 +- .../Osrusbfx2Task/Osrusbfx2Task.csproj | 2 +- .../cs/CustomCapability.csproj | 2 +- .../cpp/Scenario2_oAuthFacebook.xaml.cpp | 2 +- 7 files changed, 49 insertions(+), 6 deletions(-) create mode 100644 SECURITY.md diff --git a/README.md b/README.md index 5a5fd35ff4..b0639f4b6b 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This repo contains the samples that demonstrate the API usage patterns for the Universal Windows Platform (UWP) in the Windows Software Development Kit (SDK) for Windows 10. These code samples were created with the Universal Windows Platform templates available in Visual Studio, and are designed to run on desktop, mobile, and future devices that support the Universal Windows Platform. > **Note:** If you are unfamiliar with Git and GitHub, you can download the entire collection as a -> [ZIP file](https://github.com/Microsoft/Windows-universal-samples/archive/master.zip), but be +> [ZIP file](https://github.com/Microsoft/Windows-universal-samples/archive/main.zip), but be > sure to unzip everything to access shared dependencies. For more info on working with the ZIP file, > the samples collection, and GitHub, see [Get the UWP samples from GitHub](https://aka.ms/ovu2uq). > For more samples, see the [Samples portal](https://aka.ms/winsamples) on the Windows Dev Center. @@ -26,7 +26,7 @@ Additionally, to stay on top of the latest updates to Windows and the developmen The easiest way to use these samples without using Git is to download the zip file containing the current version (using the following link or by clicking the "Download ZIP" button on the repo page). You can then unzip the entire archive and use the samples in Visual Studio. - [Download the samples ZIP](../../archive/master.zip) + [Download the samples ZIP](../../archive/main.zip) **Notes:** * Before you unzip the archive, right-click it, select **Properties**, and then select **Unblock**. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..869fdfe2b2 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,41 @@ + + +## Security + +Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). + +If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report). + +If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey). + +You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc). + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + + * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) + * Full paths of source file(s) related to the manifestation of the issue + * The location of the affected source code (tag/branch/commit or direct URL) + * Any special configuration required to reproduce the issue + * Step-by-step instructions to reproduce the issue + * Proof-of-concept or exploit code (if possible) + * Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs. + +## Preferred Languages + +We prefer all communications to be in English. + +## Policy + +Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd). + + diff --git a/Samples/BluetoothLE/cppwinrt/Package.appxmanifest b/Samples/BluetoothLE/cppwinrt/Package.appxmanifest index 42bac5a22a..35d9f08770 100644 --- a/Samples/BluetoothLE/cppwinrt/Package.appxmanifest +++ b/Samples/BluetoothLE/cppwinrt/Package.appxmanifest @@ -38,5 +38,7 @@ + + diff --git a/Samples/BluetoothLE/cppwinrt/Scenario2_Client.cpp b/Samples/BluetoothLE/cppwinrt/Scenario2_Client.cpp index 00f657d8c4..2561469e09 100644 --- a/Samples/BluetoothLE/cppwinrt/Scenario2_Client.cpp +++ b/Samples/BluetoothLE/cppwinrt/Scenario2_Client.cpp @@ -309,7 +309,7 @@ namespace winrt::SDKTemplate::implementation { auto lifetime = get_strong(); - auto selectedItem = ServiceList().SelectedItem().as(); + auto selectedItem = CharacteristicList().SelectedItem().as(); selectedCharacteristic = selectedItem ? selectedItem.Tag().as() : nullptr; if (selectedCharacteristic == nullptr) diff --git a/Samples/CustomCapability/Service/Osrusbfx2Task/Osrusbfx2Task.csproj b/Samples/CustomCapability/Service/Osrusbfx2Task/Osrusbfx2Task.csproj index 80b08d89cd..3d0273cbcb 100644 --- a/Samples/CustomCapability/Service/Osrusbfx2Task/Osrusbfx2Task.csproj +++ b/Samples/CustomCapability/Service/Osrusbfx2Task/Osrusbfx2Task.csproj @@ -117,7 +117,7 @@ - 5.4.0 + 5.0.0 diff --git a/Samples/CustomCapability/cs/CustomCapability.csproj b/Samples/CustomCapability/cs/CustomCapability.csproj index e504649572..01abe79c31 100644 --- a/Samples/CustomCapability/cs/CustomCapability.csproj +++ b/Samples/CustomCapability/cs/CustomCapability.csproj @@ -225,7 +225,7 @@ - 5.4.0 + 5.0.0 diff --git a/Samples/WebAuthenticationBroker/cpp/Scenario2_oAuthFacebook.xaml.cpp b/Samples/WebAuthenticationBroker/cpp/Scenario2_oAuthFacebook.xaml.cpp index becc3d9352..d2e89c9b92 100644 --- a/Samples/WebAuthenticationBroker/cpp/Scenario2_oAuthFacebook.xaml.cpp +++ b/Samples/WebAuthenticationBroker/cpp/Scenario2_oAuthFacebook.xaml.cpp @@ -46,7 +46,7 @@ void Scenario2_oAuthFacebook::Launch_Click(Object^ sender, Windows::UI::Xaml::Ro return; } - facebookURL += clientID + "&redirect_uri=" + Uri::EscapeComponent(FacebookCallbackUrl->Text) + "&scope=read_stream&display=popup&response_type=token"; + facebookURL += clientID + "&redirect_uri=" + Uri::EscapeComponent(FacebookCallbackUrl->Text) + "&scope=email&display=popup&response_type=token"; try {