Query regarding the HttpContext.Items usage to store sensitive information

I am currently looking at writing a middleware to help with a multitenant app and split data between a databases per tenancy. I been doing some reading and looking at examples online and I see a lot of people use the HttpContext Items to hold data. Such as a DBContext or tenant information.

Is using the httpContext items for that purpose a correct usage? In terms of the items in httpContext, are they “viewable” to the end user in some manor or is anything you add in is only accessible by server?

Thanks

submitted by /u/zh12a
[link] [comments]

Leave a Reply