Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update README and clarify userID generation #2921

Closed
iMicknl opened this issue Feb 19, 2020 · 1 comment · Fixed by #2968
Closed

Update README and clarify userID generation #2921

iMicknl opened this issue Feb 19, 2020 · 1 comment · Fixed by #2968
Assignees
@corinagum
Labels
area-docs Documentation required Bot Services Required for internal Azure reporting. Do not delete. Do not change color. customer-replied-to Required for internal reporting. Do not delete. customer-reported Required for internal Azure reporting. Do not delete.

Comments

@iMicknl
Copy link
Member

iMicknl commented Feb 19, 2020

Describe the bug

I have spoken to some people who faced the same problem where there user state was shared, because they just used the example from README.md. This example already states that userID is an optional parameter, however it doesn't clearly state that sharing user state is a security risk. Many people use YOUR_USER_ID as a token..

Example SO question

Could we possibly make this more clear?
@iMicknl iMicknl added Bot Services Required for internal Azure reporting. Do not delete. Do not change color. bug Indicates an unexpected problem or an unintended behavior. Pending customer-reported Required for internal Azure reporting. Do not delete. labels Feb 19, 2020
@corinagum corinagum self-assigned this Feb 19, 2020
@corinagum
Copy link
Contributor

@iMicknl, thanks for the suggestion. I agree that this seems to be a common pain point so we should make the information readily available.

For now, I'm going to add this to our FAQ list, and I've assigned the issue to myself. This won't be a part of our current milestone, but hopefully I can get the docs updated soon!

@corinagum corinagum added area-docs Documentation required Enhancement customer-replied-to Required for internal reporting. Do not delete. and removed bug Indicates an unexpected problem or an unintended behavior. Pending labels Feb 19, 2020
@corinagum corinagum mentioned this issue Feb 19, 2020
Open
37 tasks
@corinagum corinagum added the QOL label Mar 2, 2020
corinagum pushed a commit to corinagum/BotFramework-WebChat that referenced this issue Mar 2, 2020
microsoft#2921 add more docs on userID
6df1d9f
@corinagum corinagum mentioned this issue Mar 2, 2020
Merged
corinagum added a commit that referenced this issue Mar 3, 2020
@corinagum
Docs updates and sample fixes (#2968)
0f8f0cb 
* Add some docs file links to README

* #2921 add more docs on userID

* Fix sample links in piping-to-redux sample

* Update CHANGELOG.md

* Remove redundant docs linking
@compulim compulim mentioned this issue Mar 5, 2020
Closed
40 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@corinagum corinagum

Labels
area-docs Documentation required Bot Services Required for internal Azure reporting. Do not delete. Do not change color. customer-replied-to Required for internal reporting. Do not delete. customer-reported Required for internal Azure reporting. Do not delete.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Docs updates and sample fixes corinagum/BotFramework-WebChat
2 participants
@iMicknl @corinagum