How can I prevent sensitive information found in memory after a HTTP Request in C# .NET?
I have written a Console Application (net6.0) which makes HTTP Request. After executing the app, I took a dump (using Task Manager) and found sensitive information (Data in HttpResponseMessage and username, password submitted via the HTTP Request).
How can I prevent sensitive information found in memory? (something like, make sure those data is not in plain text in the dump)
class Program
{
static readonly HttpClient client = new HttpClient();
static async Task Main()
{
try
{
Dictionary<string, string> values = new()
{
{ "email", "[email protected]"},
{ "password", "alex"}
};
FormUrlEncodedContent content = new(values);
HttpResponseMessage response = await client.PostAsync("https://fake-api-jwt-json-server.tvbishan.repl.co/auth/login", content);
}
catch (HttpRequestException e)
{
Console.WriteLine("\nException Caught!");
Console.WriteLine("Message :{0} ", e.Message);
}
}
}
Dump File
PS: I found some Stackoverflow questions regarding the same issue asked a couple of years ago. Unfortunately, they are not helpful to solve my issue.