Menu
I recently realized that my project's .Publish.xml file is being committed to source control. While it seems like the FTP password in the file is encrypted, how safe is it to be storing? Can it be reverse engineered by 3rd parties?
675
Our own experiences of including the publish.xml file in source control are the password is not stored in clear text but another user can make use of the file to publish to the ftp account, so presumably whatever key is used to encrypt/encode the password is availible somewhere.
The other thing that we noticed was that if you try and publish the project without having the publish.xml file checked out it causes all sorts of problems, even to the extent of causing visual studio to hang, although we haven't conducted much further research into this yet.
115
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
