From 75310bc89a57168bfd708ac5dc2a54540be4e15e Mon Sep 17 00:00:00 2001 From: Ron Petrusha Date: Wed, 26 Jun 2019 13:42:04 -0700 Subject: [PATCH 1/2] Restored enumeration member remarks, Part 9 --- xml/System.Transactions/IsolationLevel.xml | 12 +-- .../TransactionScopeAsyncFlowOption.xml | 10 +-- .../MachineKeyValidation.xml | 86 ++----------------- .../ProcessModelComAuthenticationLevel.xml | 67 ++------------- .../ProcessModelComImpersonationLevel.xml | 68 +++------------ .../ProcessModelLogLevel.xml | 48 +++-------- .../LowerCodeCharts.xml | 24 +----- .../MembershipPasswordFormat.xml | 13 +-- .../WebServiceProtocols.xml | 13 +-- .../SoapMessageStage.xml | 61 ++++--------- xml/System.Web/ReadEntityBodyMode.xml | 10 +-- 11 files changed, 68 insertions(+), 344 deletions(-) diff --git a/xml/System.Transactions/IsolationLevel.xml b/xml/System.Transactions/IsolationLevel.xml index b2e7e887d1a..6779eaf0031 100644 --- a/xml/System.Transactions/IsolationLevel.xml +++ b/xml/System.Transactions/IsolationLevel.xml @@ -34,7 +34,7 @@ The lowest isolation level, `ReadUncommitted`, allows many transactions to operate on a data store simultaneously and provides no protection against data corruption due to interruptive transactions. The highest isolation level, `Serializable`, provides a high degree of protection against interruptive transactions, but requires that each transaction complete before any other transactions are allowed to operate on the data. - The isolation level of a transaction is determined when the transaction is created. By default, the infrastructure creates `Serializable` transactions. You can determine the isolation level of an existing transaction using the property of a transaction. + The isolation level of a transaction is determined when the transaction is created. By default, the infrastructure creates `Serializable` transactions. You can determine the isolation level of an existing transaction by using the property of a transaction. ]]> @@ -229,15 +229,7 @@ 4 - Volatile data can be read. Before a transaction modifies data, it verifies if another transaction has changed the data after it was initially read. If the data has been updated, an error is raised. This allows a transaction to get to the previously committed value of the data. - - is thrown with the error message "Transactions with IsolationLevel Snapshot cannot be promoted". - - ]]> - + Volatile data can be read. Before a transaction modifies data, it verifies if another transaction has changed the data after it was initially read. If the data has been updated, an error is raised. This allows a transaction to get to the previously committed value of the data.When you try to promote a transaction that was created with the isolation level, an is thrown with the error message "Transactions with IsolationLevel Snapshot cannot be promoted". diff --git a/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml b/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml index 863529f3b43..36d0f544bc7 100644 --- a/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml +++ b/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml @@ -94,15 +94,7 @@ 0 - Specifies that transaction flow across thread continuations is suppressed. - - is specified in the constructor. - - ]]> - + Specifies that transaction flow across thread continuations is suppressed. This is the default setting if no is specified in the (Rijndael) encryption algorithm. - - property will be used for encryption and decryption, and the `HMACSHA1` hash algorithm will be used with the property for validation. - - ]]> - + Specifies that ASP.NET uses the (Rijndael) encryption algorithm. Choose this option if you want to encrypt view state in your Web application.If you choose this option, the property will be used for encryption and decryption, and the hash algorithm will be used with the property for validation. @@ -88,17 +78,7 @@ 7 - Specifies that ASP.NET uses a custom hashing algorithm. - - . - - The custom algorithm is typically specified declaratively in the validation attribute of the element, in the format `alg:`*algorithm_name*. For information about how to specify a custom algorithm in code, see the property. - - ]]> - + Specifies that ASP.NET uses a custom hashing algorithm. The custom hashing algorithm can be implemented in any class that derives from .The custom algorithm is typically specified declaratively in the validation attribute of the machineKey element, in the format alg:`*algorithm_name*. For information about how to specify a custom algorithm in code, see the property. @@ -119,15 +99,7 @@ 4 - Specifies that ASP.NET uses the hashing algorithm. This is the default value. - - - + Specifies that ASP.NET uses the hashing algorithm, which is an SHA2 hashing algorithm that generates a 256-bit hash code. This is the default value. @@ -148,15 +120,7 @@ 5 - Specifies that ASP.NET uses the hashing algorithm. - - - + Specifies that ASP.NET uses the hashing algorithm, which is an SHA2 hashing algorithm that generates a 384-bit hash code. This option is available for applications that require stronger security than provided by the algorithm.. @@ -177,15 +141,7 @@ 6 - Specifies that ASP.NET uses the hashing algorithm. - - - + Specifies that ASP.NET uses the hashing algorithm, which is an SHA2 hashing algorithm that generates a 512-bit hash code. This option is available for applications that require stronger security than provided by the algorithm. @@ -207,15 +163,7 @@ 0 - Specifies that ASP.NET uses the Message Digest 5 () hashing algorithm. - - - + Specifies that ASP.NET uses the Message Digest 5 () hashing algorithm, which is a hashing algorithm that generates a 128-bit hash value. This is a legacy value that should be selected only if compatibility with earlier versions of ASP.NET is required. @@ -237,15 +185,7 @@ 1 - Specifies that ASP.NET uses the hash algorithm. - - - + Specifies that ASP.NET uses the hash algorithm, which is a hashing algorithm that generates a 160-bit hash value. This is a legacy value that should be selected only if compatibility with earlier versions of ASP.NET is required. @@ -267,15 +207,7 @@ 2 - Specifies that ASP.NET uses the TripleDES () encryption algorithm. - - - + Specifies that ASP.NET uses the TripleDES () encryption algorithm, which is an encryption algorithm that is used only if you specify that view state is encrypted. This is a legacy value that should be selected only if compatibility with earlier versions of ASP.NET is required.. diff --git a/xml/System.Web.Configuration/ProcessModelComAuthenticationLevel.xml b/xml/System.Web.Configuration/ProcessModelComAuthenticationLevel.xml index 8b0146e9020..19f59c8a47d 100644 --- a/xml/System.Web.Configuration/ProcessModelComAuthenticationLevel.xml +++ b/xml/System.Web.Configuration/ProcessModelComAuthenticationLevel.xml @@ -19,9 +19,10 @@ enumerates the values to use when you set the property. + +`ProcessModelComAuthenticationLevel` defines the values to use when you set the property. - The default is Connect. +The default is `Connect`. > [!NOTE] > The settings are relevant only when you use the ASP.NET process model (Internet Information Services [IIS] 5.n or compatible mode on IIS 6 only). @@ -57,15 +58,7 @@ 1 - Specifies that DCOM authenticates the credentials of the client. This field is constant. - - - + Specifies that DCOM authenticates the credentials of the client when the server receives the request at the beginning of each remote procedure call. @@ -86,17 +79,7 @@ 2 - Specifies that DCOM authenticates the credentials of the client. This field is constant. - - - + Specifies that DCOM authenticates the credentials of the client only when the client establishes a relationship with the server. This is the default value. @@ -117,15 +100,7 @@ 3 - Specifies that DCOM determines the authentication level. This field is constant. - - - + Specifies that DCOM determines the authentication level using its normal security-negotiation algorithm. @@ -167,15 +142,7 @@ 4 - Specifies that DCOM verifies that all data received is from the expected client. This field is constant. - - - + Specifies that DCOM verifies that all data received is from the expected client. The datagram transports always use Pkt authentication. @@ -196,15 +163,7 @@ 5 - Specifies that DCOM authenticates and verifies the data transferred. This field is constant. - - - + Specifies that DCOM authenticates and verifies that none of the data transferred between the client and the server has been modified. @@ -225,15 +184,7 @@ 6 - Specifies that DCOM authenticates all previous levels and does encryption. This field is constant. - - - + Specifies that DCOM authenticates all previous levels and encrypts the argument value of each remote procedure call. diff --git a/xml/System.Web.Configuration/ProcessModelComImpersonationLevel.xml b/xml/System.Web.Configuration/ProcessModelComImpersonationLevel.xml index ab5f5609f8a..ace49964d2d 100644 --- a/xml/System.Web.Configuration/ProcessModelComImpersonationLevel.xml +++ b/xml/System.Web.Configuration/ProcessModelComImpersonationLevel.xml @@ -18,15 +18,15 @@ class enumerates the values to use when you set the property. - - The default value is Impersonate. - - - -## Examples - The following code example shows how to access the property. +## Remarks + +`ProcessModelComImpersonationLevel` defines the values to use when you set the property. + +The default value is `Impersonate`. + +## Examples + +The following example shows how to access the property. [!code-csharp[System.Web.Configuration.ProcessModelSection#22](~/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.ProcessModelSection/CS/processmodelsection.cs#22)] [!code-vb[System.Web.Configuration.ProcessModelSection#22](~/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.ProcessModelSection/VB/processmodelsection.vb#22)] @@ -54,15 +54,7 @@ 1 - Specifies that the client is anonymous to the server. This field is constant. - - - + Specifies that the client is anonymous to the server. The server can impersonate the client, but the impersonation token will not contain any information. @@ -83,15 +75,7 @@ 0 - Specifies that DCOM determines the impersonation level. This field is constant. - - - + Specifies that DCOM determines the impersonation level using its normal security-negotiation algorithm. @@ -112,15 +96,7 @@ 2 - Specifies that the server process can impersonate the client's security context while acting on behalf of the client. This field is constant. - - - + Specifies that the server process can impersonate the client's security context while acting on behalf of the client. The server process can make outgoing calls to other servers while acting on behalf of the client by using cloaking. The server can use the client's security context on other computers to access local and remote resources as the client. When the process is impersonating the client at this level, the impersonation token can be passed across any number of computer boundaries. @@ -141,15 +117,7 @@ 3 - Specifies that the server can obtain the client's identity. This field is constant. - - - + Specifies that the server can obtain the client's identity. The server can impersonate the client for access control list (ACL) checking, but it cannot access system objects as the client. @@ -170,15 +138,7 @@ 4 - Specifies that the server process can impersonate the client's security context while acting on behalf of the client. This field is constant. - - - + Specifies that the server process can impersonate the client's security context while acting on behalf of the client. This level of impersonation can be used to access local resources such as files. When the process is impersonating the client at this level, the impersonation token can be passed across only one computer boundary. diff --git a/xml/System.Web.Configuration/ProcessModelLogLevel.xml b/xml/System.Web.Configuration/ProcessModelLogLevel.xml index 7514af958e5..6b9c920c12e 100644 --- a/xml/System.Web.Configuration/ProcessModelLogLevel.xml +++ b/xml/System.Web.Configuration/ProcessModelLogLevel.xml @@ -18,15 +18,15 @@ enumeration contains the values to use when you set the property. - - The default value is Errors. - - - -## Examples - The following code example shows how to set the property. +## Remarks + +The `ProcessModelLogLevel` enumeration contains the values to use when you set the property. + +The default value is `Errors`. + +## Examples + +The following example shows how to set the property. [!code-csharp[System.Web.Configuration.ProcessModelSection#23](~/samples/snippets/csharp/VS_Snippets_WebNet/System.Web.Configuration.ProcessModelSection/CS/processmodelsection.cs#23)] [!code-vb[System.Web.Configuration.ProcessModelSection#23](~/samples/snippets/visualbasic/VS_Snippets_WebNet/System.Web.Configuration.ProcessModelSection/VB/processmodelsection.vb#23)] @@ -55,15 +55,7 @@ 1 - Specifies that all process events are logged. This field is constant. - - - + Specifies that all process events are logged. Use this option when you want to explore the possible errors an application might issue, without any filtering. This option is useful during the building and debugging phase. @@ -85,15 +77,7 @@ 2 - Specifies that only unexpected shutdowns, memory-limit shutdowns, and deadlock shutdowns are logged. This field is constant. - - - + Specifies that only unexpected shutdowns, memory-limit shutdowns, and deadlock shutdowns are logged. This is the default value. @@ -115,15 +99,7 @@ 0 - Specifies that no events are logged. This field is constant. - - - + Specifies that no events are logged. You might want to use this option for tested and deployed applications. diff --git a/xml/System.Web.Security.AntiXss/LowerCodeCharts.xml b/xml/System.Web.Security.AntiXss/LowerCodeCharts.xml index bf05753b625..fef8d1e95ab 100644 --- a/xml/System.Web.Security.AntiXss/LowerCodeCharts.xml +++ b/xml/System.Web.Security.AntiXss/LowerCodeCharts.xml @@ -219,29 +219,7 @@ 127 - The code charts that are marked as safe on initialization. - - enumeration members: - -- BasicLatin - -- C1ControlsAndLatin1Supplement - -- LatinExtendedA - -- LatinExtendedB - -- IpaExtensions - -- SpacingModifierLetters - -- CombiningDiacriticalMarks - - ]]> - + The code charts that are marked as safe on initialization. is a bitwise combination of the following . members: , , , , , , , and . diff --git a/xml/System.Web.Security/MembershipPasswordFormat.xml b/xml/System.Web.Security/MembershipPasswordFormat.xml index 56a3f5c6299..f6a7d87e63b 100644 --- a/xml/System.Web.Security/MembershipPasswordFormat.xml +++ b/xml/System.Web.Security/MembershipPasswordFormat.xml @@ -27,7 +27,8 @@ class supports different password storage formats but you should only use `Hashed`; `Clear` and `Encrypted` are not secure. Clear passwords are not secure and shouldn't be used. They are stored in plain text. Encrypted passwords are not considered safe, as a breach that reveals your database contents can also expose the encryption key. This means your encrypted passwords could be decrypted and exposed. Passwords are encrypted when stored and can be decrypted for password comparison or password retrieval. Hashed passwords are encrypted using a one-way salted hash when stored in the database. When a password is validated, it is combined with a salt value and then hashed. The result is compared with the value in the database for verification. Hashed passwords cannot be retrieved. + +The class supports different password storage formats, but you should only use `Hashed`; `Clear` and `Encrypted` are not secure. Clear passwords are not secure and shouldn't be used. They are stored in plain text. Encrypted passwords are not considered safe, as a breach that reveals your database contents can also expose the encryption key. This means your encrypted passwords could be decrypted and exposed. Passwords are encrypted when stored and can be decrypted for password comparison or password retrieval. Hashed passwords are encrypted using a one-way salted hash when stored in the database. When a password is validated, it is combined with a salt value and then hashed. The result is compared with the value in the database for verification. Hashed passwords cannot be retrieved. > [!NOTE] > If you are not familiar with the membership features of ASP.NET, see [Introduction to Membership](https://msdn.microsoft.com/library/79184d17-f4c7-4c9f-a073-cec4f5543980(v=vs.100)) before continuing. For a list of other topics related to membership, see [Managing Users by Using Membership](https://msdn.microsoft.com/library/824c3a24-f0af-427c-a652-0d2d1e9397cd). @@ -127,15 +128,7 @@ 1 - Passwords are encrypted one-way using the SHA1 hashing algorithm. - - - + Passwords are encrypted one-way using the SHA1 hashing algorithm. You can specify a hashing algorithm different than the SHA1 algorithm by using the attribute. diff --git a/xml/System.Web.Services.Configuration/WebServiceProtocols.xml b/xml/System.Web.Services.Configuration/WebServiceProtocols.xml index 246711dd002..f664ad60a8a 100644 --- a/xml/System.Web.Services.Configuration/WebServiceProtocols.xml +++ b/xml/System.Web.Services.Configuration/WebServiceProtocols.xml @@ -134,18 +134,7 @@ 16 - The HTTP POST LOCALHOST protocol. - - [!CAUTION] -> See the Remarks section. This value only checks the request's host header to mitigate only browser-redirect attacks. Authentication and authorization are still required to restrict access to a Web service. - - ]]> - - + The HTTP POST LOCALHOST protocol.CAUTION: This value only checks the request's host header to mitigate only browser-redirect attacks. Authentication and authorization are still required to restrict access to a Web service. diff --git a/xml/System.Web.Services.Protocols/SoapMessageStage.xml b/xml/System.Web.Services.Protocols/SoapMessageStage.xml index a49610e9d54..a7e64b48455 100644 --- a/xml/System.Web.Services.Protocols/SoapMessageStage.xml +++ b/xml/System.Web.Services.Protocols/SoapMessageStage.xml @@ -20,13 +20,22 @@ that can inspect or modify a message at specific stages in message processing on either the client or the server. This enumeration specifies the processing stage of the . - - - +## Remarks + +ASP.NET provides an extensibility mechanism for calling Web Services using SOAP. The extensibility mechanism revolves around a that can inspect or modify a message at specific stages in message processing on either the client or the server. This enumeration specifies the processing stage of the . + +The following table shows when each stage occurs during SOAP client and server processing. + +|`SoapMessageStage`|During processing|During processing| +|---|---|---| +|`AfterDeserialize`|Occurs after the SOAP message containing the response from an XML Web service method invocation has been deserialized into an object, but prior to the client receiving the deserialized results.|Occurs after a network request containing a SOAP message representing an XML Web service method invocation is deserialized into an object, but prior to the method on that object representing the XML Web service method is called.| +|`AfterSerialize`|Occurs after a client invokes an XML Web service method and the parameters are serialized into XML, but prior to the SOAP message containing that XML is sent over the network.|Occurs after an XML Web service method returns and any return values are serialized into XML, but prior to the SOAP message containing that XML is sent over the network.| +|`BeforeDeserialize`|Occurs after the network response from an XML Web service method invocation has been received, but just before the response containing the SOAP message is deserialized into an object.|Occurs after a network request containing the SOAP message for an XML Web service method invocation is received by the Web server, but prior to the SOAP message being deserialized into an object.| +|`BeforeSerialize`|Occurs after a client invokes an XML Web service method, but prior to the invocation being serialized.|Occurs after the invocation to the XML Web service method returns, but prior to the return values being serialized and sent over the wire back to the client.| + ## Examples - The following code example is a fragment of a SOAP extension, which implements the method. Within the method, processing of a is handled specific to the . + +The following example is a fragment of a SOAP extension, which implements the method. Within the method, processing of a is handled specific to the . [!code-cpp[SoapMessageState#1](~/samples/snippets/cpp/VS_Snippets_Remoting/SoapMessageState/CPP/SoapMessageState.cpp#1)] [!code-csharp[SoapMessageState#1](~/samples/snippets/csharp/VS_Snippets_Remoting/SoapMessageState/CS/soapmessagestate.cs#1)] @@ -59,16 +68,6 @@ 8 The stage just after a is deserialized from a SOAP message into an object. - - processing, the AfterDeserialize stage occurs after the SOAP message containing the response from an XML Web service method invocation has been deserialized into an object, but prior to the client receiving the deserialized results. - - During processing, the AfterDeserialize stage occurs after a network request containing a SOAP message representing an XML Web service method invocation is deserialized into an object, but prior to the method on that object representing the XML Web service method is called. - - ]]> - @@ -92,16 +91,6 @@ 2 The stage just after a is serialized, but before the SOAP message is sent over the wire. - - processing, the AfterSerialize stage occurs after a client invokes an XML Web service method and the parameters are serialized into XML, but prior to the SOAP message containing that XML is sent over the network. - - During processing, the AfterSerialize stage occurs after an XML Web service method returns and any return values are serialized into XML, but prior to the SOAP message containing that XML is sent over the network. - - ]]> - @@ -125,16 +114,6 @@ 4 The stage just before a is deserialized from the SOAP message sent across the network into an object. - - processing, the BeforeDeserialize stage occurs after the network response from an XML Web service method invocation has been received, but just before the response containing the SOAP message is deserialized into an object. - - During processing, the BeforeDeserialize stage occurs after a network request containing the SOAP message for an XML Web service method invocation is received by the Web server, but prior to the SOAP message being deserialized into an object. - - ]]> - @@ -158,16 +137,6 @@ 1 The stage just prior to a being serialized. - - processing, the BeforeSerialize stage occurs after a client invokes an XML Web service method, but prior to the invocation being serialized. - - During processing, the BeforeSerialize stage occurs after the invocation to the XML Web service method returns, but prior to the return values being serialized and sent over the wire back to the client. - - ]]> - diff --git a/xml/System.Web/ReadEntityBodyMode.xml b/xml/System.Web/ReadEntityBodyMode.xml index 1f7ecd8e1b3..fdb21168321 100644 --- a/xml/System.Web/ReadEntityBodyMode.xml +++ b/xml/System.Web/ReadEntityBodyMode.xml @@ -74,15 +74,7 @@ 1 - The entity body has already been read and its contents have been put into HTTP request collections like , , , and . - - - + The entity body has already been read and its contents have been put into HTTP request collections like , , , and .Classic mode applies when ASP.NET pipeline processing has already occurred. For example, running an ASP.NET page or accessing a property in one of the HTTP request collections causes the entity body to be read, and the entity body contents are then put into the appropriate collection. From 076df88dffcb5507703e2ceb827757f38312a085 Mon Sep 17 00:00:00 2001 From: Ron Petrusha Date: Thu, 27 Jun 2019 08:06:21 -0700 Subject: [PATCH 2/2] Corrected misformred xml --- xml/System.Transactions/TransactionScopeAsyncFlowOption.xml | 2 +- xml/System.Web.Configuration/MachineKeyValidation.xml | 2 +- xml/System.Web.Services.Configuration/WebServiceProtocols.xml | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml b/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml index 36d0f544bc7..ee7ea221831 100644 --- a/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml +++ b/xml/System.Transactions/TransactionScopeAsyncFlowOption.xml @@ -94,7 +94,7 @@ 0 - Specifies that transaction flow across thread continuations is suppressed. This is the default setting if no is specified in the is specified in the constructor. diff --git a/xml/System.Web.Configuration/MachineKeyValidation.xml b/xml/System.Web.Configuration/MachineKeyValidation.xml index f8c7e6b32e0..74c5c21e64c 100644 --- a/xml/System.Web.Configuration/MachineKeyValidation.xml +++ b/xml/System.Web.Configuration/MachineKeyValidation.xml @@ -78,7 +78,7 @@ 7 - Specifies that ASP.NET uses a custom hashing algorithm. The custom hashing algorithm can be implemented in any class that derives from .The custom algorithm is typically specified declaratively in the validation attribute of the machineKey element, in the format alg:`*algorithm_name*. For information about how to specify a custom algorithm in code, see the property. + Specifies that ASP.NET uses a custom hashing algorithm. The custom hashing algorithm can be implemented in any class that derives from .The custom algorithm is typically specified declaratively in the validation attribute of the machineKey element, in the format alg:`*algorithm_name*. For information about how to specify a custom algorithm in code, see the property. diff --git a/xml/System.Web.Services.Configuration/WebServiceProtocols.xml b/xml/System.Web.Services.Configuration/WebServiceProtocols.xml index f664ad60a8a..fd3dc5a8bd4 100644 --- a/xml/System.Web.Services.Configuration/WebServiceProtocols.xml +++ b/xml/System.Web.Services.Configuration/WebServiceProtocols.xml @@ -135,6 +135,7 @@ 16 The HTTP POST LOCALHOST protocol.CAUTION: This value only checks the request's host header to mitigate only browser-redirect attacks. Authentication and authorization are still required to restrict access to a Web service. +