From 2f3ae659256564799298c58689fe30eae6efcc50 Mon Sep 17 00:00:00 2001
From: iJungleboy <daniel.mettler@2sic.com>
Date: Wed, 11 Dec 2024 14:24:38 +0100
Subject: [PATCH] minor docs secure endpoint

---
 .../abyss/security/encrypt-body/index.md      |  3 +-
 docs/abyss/security/encrypt-body/index.html   |  3 +-
 ...ic.Sxc.WebApi.SecureEndpointAttribute.html | 58 ++++---------------
 docs/api/dot-net/ToSic.Sxc.WebApi.html        | 10 +++-
 docs/index.json                               |  4 +-
 docs/xrefmap.yml                              | 13 -----
 6 files changed, 24 insertions(+), 67 deletions(-)

diff --git a/docs-src/pages/abyss/security/encrypt-body/index.md b/docs-src/pages/abyss/security/encrypt-body/index.md
index 0c460ba19..3a0e68618 100644
--- a/docs-src/pages/abyss/security/encrypt-body/index.md
+++ b/docs-src/pages/abyss/security/encrypt-body/index.md
@@ -50,7 +50,8 @@ All of this is then sent to the server, which uses it to decrypt the data.
 1. The feature will automatically add a public key to the page
 1. The public key will be used to encrypt the POST body by the `$2sxc` JavaScript API
 1. The encrypted POST body will be sent to the server
-1. The server API must then use the `[SecureEndpoint]` attribute to decrypt the body (remember to add `@using ToSic.Sxc.WebApi`)
+1. The server API must then use the [`[SecureEndpoint]`](xref:ToSic.Sxc.WebApi.SecureEndpointAttribute)
+   attribute to decrypt the body (remember to add `@using ToSic.Sxc.WebApi`)
 
 ## Default Behavior
 
diff --git a/docs/abyss/security/encrypt-body/index.html b/docs/abyss/security/encrypt-body/index.html
index d805421df..d54a284ad 100644
--- a/docs/abyss/security/encrypt-body/index.html
+++ b/docs/abyss/security/encrypt-body/index.html
@@ -136,7 +136,8 @@ <h2 id="how-it-runs">How it Runs</h2>
 <li>The feature will automatically add a public key to the page</li>
 <li>The public key will be used to encrypt the POST body by the <code>$2sxc</code> JavaScript API</li>
 <li>The encrypted POST body will be sent to the server</li>
-<li>The server API must then use the <code>[SecureEndpoint]</code> attribute to decrypt the body (remember to add <code>@using ToSic.Sxc.WebApi</code>)</li>
+<li>The server API must then use the <a class="xref" href="../../../api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html"><code>[SecureEndpoint]</code></a>
+attribute to decrypt the body (remember to add <code>@using ToSic.Sxc.WebApi</code>)</li>
 </ol>
 <h2 id="default-behavior">Default Behavior</h2>
 <p>Basically if you</p>
diff --git a/docs/api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html b/docs/api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html
index 4067f3084..610850e60 100644
--- a/docs/api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html
+++ b/docs/api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html
@@ -105,7 +105,7 @@ <h5 class="offcanvas-title" id="tocOffcanvasLabel">Table of Contents</h5>
 
 
   <h1 id="ToSic_Sxc_WebApi_SecureEndpointAttribute" data-uid="ToSic.Sxc.WebApi.SecureEndpointAttribute" class="text-break">
-Class SecureEndpointAttribute  <a class="header-action link-secondary" title="View source" href="https://github.com/2sic/2sxc/blob/develop/Src/Sxc/ToSic.Sxc.WebApi/WebApi/SecureEndpoint/SecureEndpointAttributeNetFull.cs/#L29"><i class="bi bi-code-slash"></i></a>
+Class SecureEndpointAttribute  <a class="header-action link-secondary" title="View source" href="https://github.com/2sic/2sxc/blob/develop/Src/Sxc/ToSic.Sxc.WebApi/WebApi/SecureEndpoint/SecureEndpointAttributeNetFull.cs/#L31"><i class="bi bi-code-slash"></i></a>
   </h1>
 
   <div class="facts text-secondary">
@@ -113,9 +113,13 @@ <h1 id="ToSic_Sxc_WebApi_SecureEndpointAttribute" data-uid="ToSic.Sxc.WebApi.Sec
   <dl><dt>Assembly</dt><dd>ToSic.Sxc.WebApi.dll</dd></dl>
   </div>
 
-  <div class="markdown summary"><p>An ActionFilter attribute that automatically decrypts encrypted POST payloads for Web API endpoints.
-Apply this attribute to a controller or action method to seamlessly handle encrypted incoming POST requests,
-ensuring the decrypted data is available for processing within the action method.</p>
+  <div class="markdown summary"><p>Attribute for WebApi controllers, which automatically decrypts encrypted POST payloads for Web API endpoints.
+Use this attribute on controller or methods to automatically decrypt incoming POST requests.</p>
+<p>It will intercepts POST requests with JSON content, checks for encrypted data,
+and if present, decrypts the payload using the <span class="xref">ToSic.Eav.Security.Encryption.AesHybridCryptographyService</span>.
+It then deserializes the decrypted data into the expected parameter type and replaces the action arguments.
+If the payload is not encrypted, the request content remains unchanged.</p>
+<p>See <a class="xref" href="../../abyss/security/encrypt-body/index.html">Network POST Body Encryption (new v19)</a> for more information.</p>
 </div>
   <div class="markdown conceptual"></div>
 
@@ -152,57 +156,17 @@ <h1 id="ToSic_Sxc_WebApi_SecureEndpointAttribute" data-uid="ToSic.Sxc.WebApi.Sec
 
 
   <h2 id="ToSic_Sxc_WebApi_SecureEndpointAttribute_remarks">Remarks</h2>
-  <div class="markdown level0 remarks"><p>This attribute intercepts POST requests with JSON content, checks for encrypted data,
-and if present, decrypts the payload using the <span class="xref">ToSic.Eav.Security.Encryption.AesHybridCryptographyService</span>.
-It then deserializes the decrypted data into the expected parameter type and replaces the action arguments.
-If the payload is not encrypted, the request content remains unchanged.</p>
-<ul>
-<li>Introduced in version 18.05.</li>
+  <div class="markdown level0 remarks"><ul>
+<li>Introduced in version 19.00.</li>
 </ul>
 </div>
 
 
-  <h2 class="section" id="methods">Methods
-</h2>
-
-
-  <a id="ToSic_Sxc_WebApi_SecureEndpointAttribute_OnActionExecuting_" data-uid="ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting*"></a>
-
-  <h3 id="ToSic_Sxc_WebApi_SecureEndpointAttribute_OnActionExecuting_System_Web_Http_Controllers_HttpActionContext_" data-uid="ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting(System.Web.Http.Controllers.HttpActionContext)">
-  OnActionExecuting(HttpActionContext)
-  <a class="header-action link-secondary" title="View source" href="https://github.com/2sic/2sxc/blob/develop/Src/Sxc/ToSic.Sxc.WebApi/WebApi/SecureEndpoint/SecureEndpointAttributeNetFull.cs/#L35"><i class="bi bi-code-slash"></i></a>
-  </h3>
-
-  <div class="markdown level1 summary"><p>Occurs before the action method is invoked.</p>
-</div>
-  <div class="markdown level1 conceptual"></div>
-
-  <div class="codewrapper">
-    <pre><code class="lang-csharp hljs">public override void OnActionExecuting(HttpActionContext filterContext)</code></pre>
-  </div>
-
-  <h4 class="section">Parameters</h4>
-  <dl class="parameters">
-    <dt><code>filterContext</code> <span class="xref">HttpActionContext</span></dt>
-    <dd></dd>
-  </dl>
-
-
-
-
-
-
-
-
-
-
-
-
 
 </article>
 
         <div class="contribution d-print-none">
-          <a href="https://github.com/2sic/2sxc/blob/develop/Src/Sxc/ToSic.Sxc.WebApi/WebApi/SecureEndpoint/SecureEndpointAttributeNetFull.cs/#L29" class="edit-link">Edit this page</a>
+          <a href="https://github.com/2sic/2sxc/blob/develop/Src/Sxc/ToSic.Sxc.WebApi/WebApi/SecureEndpoint/SecureEndpointAttributeNetFull.cs/#L31" class="edit-link">Edit this page</a>
         </div>
 
 
diff --git a/docs/api/dot-net/ToSic.Sxc.WebApi.html b/docs/api/dot-net/ToSic.Sxc.WebApi.html
index fcf496457..34e2a995d 100644
--- a/docs/api/dot-net/ToSic.Sxc.WebApi.html
+++ b/docs/api/dot-net/ToSic.Sxc.WebApi.html
@@ -119,9 +119,13 @@ <h3 id="classes">
     </dl>
     <dl class="jumplist">
       <dt><a class="xref" href="ToSic.Sxc.WebApi.SecureEndpointAttribute.html">SecureEndpointAttribute</a></dt>
-      <dd><p>An ActionFilter attribute that automatically decrypts encrypted POST payloads for Web API endpoints.
-Apply this attribute to a controller or action method to seamlessly handle encrypted incoming POST requests,
-ensuring the decrypted data is available for processing within the action method.</p>
+      <dd><p>Attribute for WebApi controllers, which automatically decrypts encrypted POST payloads for Web API endpoints.
+Use this attribute on controller or methods to automatically decrypt incoming POST requests.</p>
+<p>It will intercepts POST requests with JSON content, checks for encrypted data,
+and if present, decrypts the payload using the <span class="xref">ToSic.Eav.Security.Encryption.AesHybridCryptographyService</span>.
+It then deserializes the decrypted data into the expected parameter type and replaces the action arguments.
+If the payload is not encrypted, the request content remains unchanged.</p>
+<p>See <a class="xref" href="../../abyss/security/encrypt-body/index.html">Network POST Body Encryption (new v19)</a> for more information.</p>
 </dd>
     </dl>
     <h3 id="enums">
diff --git a/docs/index.json b/docs/index.json
index ee4cd6481..a8045f73b 100644
--- a/docs/index.json
+++ b/docs/index.json
@@ -2692,12 +2692,12 @@
   "api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html": {
     "href": "api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html",
     "title": "Class SecureEndpointAttribute | 2sxc 18 for Dnn and Oqtane",
-    "keywords": "Class SecureEndpointAttribute Namespace ToSic.Sxc.WebApi Assembly ToSic.Sxc.WebApi.dll An ActionFilter attribute that automatically decrypts encrypted POST payloads for Web API endpoints. Apply this attribute to a controller or action method to seamlessly handle encrypted incoming POST requests, ensuring the decrypted data is available for processing within the action method. [PublicApi] [AttributeUsage(AttributeTargets.Class|AttributeTargets.Method)] public class SecureEndpointAttribute : ActionFilterAttribute, _Attribute Inheritance object Attribute FilterAttribute ActionFilterAttribute SecureEndpointAttribute Implements _Attribute Remarks This attribute intercepts POST requests with JSON content, checks for encrypted data, and if present, decrypts the payload using the ToSic.Eav.Security.Encryption.AesHybridCryptographyService. It then deserializes the decrypted data into the expected parameter type and replaces the action arguments. If the payload is not encrypted, the request content remains unchanged. Introduced in version 18.05. Methods OnActionExecuting(HttpActionContext) Occurs before the action method is invoked. public override void OnActionExecuting(HttpActionContext filterContext) Parameters filterContext HttpActionContext"
+    "keywords": "Class SecureEndpointAttribute Namespace ToSic.Sxc.WebApi Assembly ToSic.Sxc.WebApi.dll Attribute for WebApi controllers, which automatically decrypts encrypted POST payloads for Web API endpoints. Use this attribute on controller or methods to automatically decrypt incoming POST requests. It will intercepts POST requests with JSON content, checks for encrypted data, and if present, decrypts the payload using the ToSic.Eav.Security.Encryption.AesHybridCryptographyService. It then deserializes the decrypted data into the expected parameter type and replaces the action arguments. If the payload is not encrypted, the request content remains unchanged. See Network POST Body Encryption (new v19) for more information. [PublicApi] [AttributeUsage(AttributeTargets.Class|AttributeTargets.Method)] public class SecureEndpointAttribute : ActionFilterAttribute, _Attribute Inheritance object Attribute FilterAttribute ActionFilterAttribute SecureEndpointAttribute Implements _Attribute Remarks Introduced in version 19.00."
   },
   "api/dot-net/ToSic.Sxc.WebApi.html": {
     "href": "api/dot-net/ToSic.Sxc.WebApi.html",
     "title": "Namespace ToSic.Sxc.WebApi | 2sxc 18 for Dnn and Oqtane",
-    "keywords": "Namespace ToSic.Sxc.WebApi Classes JsonFormatterAttribute Mark a WebApi to use the modern Json Formatter based on System.Text.Json. Without this, older WebApi Controllers use the Newtonsoft JSON Formatter. Also provides additional configuration to make certain work easier. SecureEndpointAttribute An ActionFilter attribute that automatically decrypts encrypted POST payloads for Web API endpoints. Apply this attribute to a controller or action method to seamlessly handle encrypted incoming POST requests, ensuring the decrypted data is available for processing within the action method. Enums Casing Determines what casing to use when converting data to JSON. This is for the JsonFormatterAttribute. Can be used as flags, so you can say Casing = Casing.CamelCase or Casing = Casing.ObjectPascal | Casing.DictionaryCamel EntityFormat Formats to use for automatic Entity to JSON conversion. This is for the JsonFormatterAttribute. As of now it only has None and Light, in future we plan to extend this with other formats. Default is usually Light."
+    "keywords": "Namespace ToSic.Sxc.WebApi Classes JsonFormatterAttribute Mark a WebApi to use the modern Json Formatter based on System.Text.Json. Without this, older WebApi Controllers use the Newtonsoft JSON Formatter. Also provides additional configuration to make certain work easier. SecureEndpointAttribute Attribute for WebApi controllers, which automatically decrypts encrypted POST payloads for Web API endpoints. Use this attribute on controller or methods to automatically decrypt incoming POST requests. It will intercepts POST requests with JSON content, checks for encrypted data, and if present, decrypts the payload using the ToSic.Eav.Security.Encryption.AesHybridCryptographyService. It then deserializes the decrypted data into the expected parameter type and replaces the action arguments. If the payload is not encrypted, the request content remains unchanged. See Network POST Body Encryption (new v19) for more information. Enums Casing Determines what casing to use when converting data to JSON. This is for the JsonFormatterAttribute. Can be used as flags, so you can say Casing = Casing.CamelCase or Casing = Casing.ObjectPascal | Casing.DictionaryCamel EntityFormat Formats to use for automatic Entity to JSON conversion. This is for the JsonFormatterAttribute. As of now it only has None and Light, in future we plan to extend this with other formats. Default is usually Light."
   },
   "api/dot-net/ToSic.Sxc.html": {
     "href": "api/dot-net/ToSic.Sxc.html",
diff --git a/docs/xrefmap.yml b/docs/xrefmap.yml
index 556906108..078426df0 100644
--- a/docs/xrefmap.yml
+++ b/docs/xrefmap.yml
@@ -26428,19 +26428,6 @@ references:
   commentId: T:ToSic.Sxc.WebApi.SecureEndpointAttribute
   fullName: ToSic.Sxc.WebApi.SecureEndpointAttribute
   nameWithType: SecureEndpointAttribute
-- uid: ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting(System.Web.Http.Controllers.HttpActionContext)
-  name: OnActionExecuting(HttpActionContext)
-  href: api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html#ToSic_Sxc_WebApi_SecureEndpointAttribute_OnActionExecuting_System_Web_Http_Controllers_HttpActionContext_
-  commentId: M:ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting(System.Web.Http.Controllers.HttpActionContext)
-  fullName: ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting(System.Web.Http.Controllers.HttpActionContext)
-  nameWithType: SecureEndpointAttribute.OnActionExecuting(HttpActionContext)
-- uid: ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting*
-  name: OnActionExecuting
-  href: api/dot-net/ToSic.Sxc.WebApi.SecureEndpointAttribute.html#ToSic_Sxc_WebApi_SecureEndpointAttribute_OnActionExecuting_
-  commentId: Overload:ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting
-  isSpec: "True"
-  fullName: ToSic.Sxc.WebApi.SecureEndpointAttribute.OnActionExecuting
-  nameWithType: SecureEndpointAttribute.OnActionExecuting
 - uid: WebApi.Csutom
   name: 2sxc Custom C# Web APIs
   href: web-api/custom.html