Fixing excessive information logging
As we learned in Chapter 4, Sensitive Data Exposure, preventing the exposure of personal details is key to keeping your application secure, and the same goes for the information you log. While logs are helpful, logging excessive data carries a risk. Perpetrators will look for ways to get useful information, and the log store is one of the sources they will try to discover.
In this recipe, we will fix the excessive logging of information such as usernames and passwords.
How to do it…
Let's take a look at the steps for this recipe:
- From the starting exercise folder, launch VS Code by typing the following command:
code .
- Open Areas\Identity\Pages\Account\Login.cshtml.cs and locate the lines of code that send too much sensitive information into the logs:
if (ModelState.IsValid) { // This doesn't count login...
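The pattern this recipe targets, shown as an added example rather than code from the book's sample project: an excessive log call that records credentials, beside a hardened form that never passes the password to the logger and logs a keyed digest in place of the username. The names LoginAudit, LogAttemptExcessive, LogAttempt and Pseudonym are hypothetical, and the key is assumed to come from protected configuration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using Microsoft.Extensions.Logging;

// Added illustration; LoginAudit and its members are hypothetical names.
public sealed class LoginAudit
{
    private readonly ILogger _logger;
    private readonly byte[] _pseudonymKey; // assumption: loaded from protected configuration

    public LoginAudit(ILogger logger, byte[] pseudonymKey)
    {
        _logger = logger;
        _pseudonymKey = pseudonymKey;
    }

    // Excessive: the credentials themselves are written to every configured log sink.
    public void LogAttemptExcessive(string email, string password) =>
        _logger.LogInformation("Login attempt for {Email} with password {Password}", email, password);

    // Hardened: the password is never handed to the logger, and the username is
    // replaced by a keyed digest so repeated attempts can still be correlated.
    public void LogAttempt(string email, bool succeeded)
    {
        if (succeeded)
            _logger.LogInformation("Login succeeded for user {UserRef}", Pseudonym(email));
        else
            _logger.LogWarning("Login failed for user {UserRef}", Pseudonym(email));
    }

    // HMAC-SHA256 over the normalized username, truncated to 8 bytes (16 hex characters).
    public string Pseudonym(string email)
    {
        using var hmac = new HMACSHA256(_pseudonymKey);
        byte[] digest = hmac.ComputeHash(Encoding.UTF8.GetBytes(email.Trim().ToUpperInvariant()));
        return BitConverter.ToString(digest, 0, 8).Replace("-", "");
    }
}
```

Because the digest is keyed, someone who obtains only the log store cannot confirm a guessed username without also holding the key.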