Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect no-op Microsoft.AspNetCore.Authorization.AuthorizeAttribute #7688

Open
tobias-tengler opened this issue Nov 5, 2024 · 0 comments · May be fixed by #7696
Open

Detect no-op Microsoft.AspNetCore.Authorization.AuthorizeAttribute #7688

tobias-tengler opened this issue Nov 5, 2024 · 0 comments · May be fixed by #7696
Labels
🌶️ hot chocolate

Comments

@tobias-tengler
Copy link
Collaborator

tobias-tengler commented Nov 5, 2024
edited
Loading

Product

Hot Chocolate

Is your feature request related to a problem?

Since both the Hot Chocolate and ASP.NET Core AuthorizeAttribute are named the same, there's a high chance of the ASP.NET Core attribute being used on a Hot Chocolate resolver. This is problematic, since you think you've secured the resolver, but it isn't.

The solution you'd like

Throw an error during start-up if a Microsoft.AspNetCore.Authorization.AuthorizeAttribute is applied to a implementation-first resolver to alert the user of the misconfiguration.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🌶️ hot chocolate
Projects
None yet
Milestone
No milestone
1 participant
@tobias-tengler