Updates based on review feedback

src/Umbraco.Core/Configuration/Models/ContentErrorPage.cs

@@ -4,7 +4,7 @@ namespace Umbraco.Core.Configuration.Models
 {
     public class ContentErrorPage
     {
-        //TODO introduce valiation, to check only one of key/id/xPath is used.
+        //TODO introduce validation, to check only one of key/id/xPath is used.
         public int ContentId { get; }
         public Guid ContentKey { get; }
         public string ContentXPath { get; }

src/Umbraco.Tests.Integration/TestServerTest/UmbracoBuilderExtensions.cs

@@ -30,7 +30,6 @@ namespace Umbraco.Tests.Integration.TestServerTest
                         typeof(UmbracoBuilderExtensions).Assembly,
                         AppCaches.NoCache, // Disable caches in integration tests
                         testHelper.GetLoggingConfiguration(),
-                        // TODO: Yep that's extremely ugly
                         (globalSettings, connectionStrings, umbVersion, ioHelper, logger, profiler, hostingEnv,
                             backOfficeInfo, typeFinder, appCaches, dbProviderFactoryCreator) =>
                         {

src/Umbraco.Tests/Models/VariationTests.cs

@@ -30,10 +30,6 @@ namespace Umbraco.Tests.Models
 
             Current.Reset();
 
-            // var configs = TestHelper.GetConfigs();
-            // configs.Add(() => SettingsForTests.DefaultGlobalSettings);
-            // configs.Add(SettingsForTests.GenerateMockContentSettings);
-
             _factory = Mock.Of<IFactory>();
 
             var dataTypeService = Mock.Of<IDataTypeService>();

src/Umbraco.Web.BackOffice/Filters/CheckIfUserTicketDataIsStaleAttribute.cs

@@ -66,21 +66,26 @@ namespace Umbraco.Web.BackOffice.Filters
 
                 await CheckStaleData(actionContext);
 
-                //we need new tokens and append the custom header if changes have been made
+                //return if nothing is updated
                 if (_requestCache.Get(nameof(CheckIfUserTicketDataIsStaleFilter)) is null)
                     return;
 
+                await UpdateTokesAndAppendCustomHeaders(actionContext);
+            }
+
+            private async Task UpdateTokesAndAppendCustomHeaders(ActionExecutingContext actionContext)
+            {
                 var tokenFilter =
                     new SetAngularAntiForgeryTokensAttribute.SetAngularAntiForgeryTokensFilter(_backOfficeAntiforgery,
                         _globalSettings);
-                await tokenFilter.OnActionExecutionAsync(actionContext, () => Task.FromResult(new ActionExecutedContext(actionContext, new List<IFilterMetadata>(), null)));
+                await tokenFilter.OnActionExecutionAsync(actionContext,
+                    () => Task.FromResult(new ActionExecutedContext(actionContext, new List<IFilterMetadata>(), null)));
 
                 //add the header
                 AppendUserModifiedHeaderAttribute.AppendHeader(actionContext);
             }
 
 
-
             private async Task CheckStaleData(ActionExecutingContext actionContext)
             {
                 if (actionContext?.HttpContext.Request == null || actionContext.HttpContext.User?.Identity == null)

src/Umbraco.Web.Common/Extensions/UmbracoCoreServiceCollectionExtensions.cs

@@ -143,7 +143,7 @@ namespace Umbraco.Extensions
             services.Configure<NuCacheSettings>(configuration.GetSection(Constants.Configuration.ConfigPrefix + "NuCache"));
             services.Configure<RequestHandlerSettings>(configuration.GetSection(Constants.Configuration.ConfigPrefix + "RequestHandler"));
             services.Configure<RuntimeSettings>(configuration.GetSection(Constants.Configuration.ConfigPrefix + "Runtime"));
-            services.Configure<SecuritySettings>(configuration.GetSection(Constants.Configuration.ConfigSecurityPrefix));
+            services.Configure<SecuritySettings>(configuration.GetSection(Constants.Configuration.ConfigPrefix + "Security"));
             services.Configure<TourSettings>(configuration.GetSection(Constants.Configuration.ConfigPrefix + "Tours"));
             services.Configure<TypeFinderSettings>(configuration.GetSection(Constants.Configuration.ConfigPrefix + "TypeFinder"));
             services.Configure<UserPasswordConfigurationSettings>(configuration.GetSection(Constants.Configuration.ConfigSecurityPrefix + "UserPassword"));
@@ -213,7 +213,7 @@ namespace Umbraco.Extensions
         /// <param name="requestCache"></param>
         /// <param name="httpContextAccessor"></param>
         /// <param name="loggingConfiguration"></param>
-        /// <param name="getRuntime">Delegate to create ana <see cref="IRuntime"/></param>
+        /// <param name="getRuntime">Delegate to create an <see cref="IRuntime"/></param>
         /// <param name="factory"></param>
         /// <returns></returns>
         public static IServiceCollection AddUmbracoCore(

src/Umbraco.Web/Security/AuthenticationExtensions.cs

@@ -164,7 +164,7 @@ namespace Umbraco.Web.Security
         public static AuthenticationTicket GetUmbracoAuthTicket(this IOwinContext ctx)
         {
             if (ctx == null) throw new ArgumentNullException(nameof(ctx));
-            return GetAuthTicket(ctx, /*Current.Configs.Security() TODO*/new SecuritySettings().AuthCookieName);
+            return GetAuthTicket(ctx, /*Current.Configs.Security() TODO introduce injection instead of default value*/new SecuritySettings().AuthCookieName);
         }
 
         private static AuthenticationTicket GetAuthTicket(this IOwinContext owinCtx, string cookieName)

src/Umbraco.Web/Security/ExternalSignInAutoLinkOptions.cs

@@ -23,7 +23,7 @@ namespace Umbraco.Web.Security
         {
             _defaultUserGroups = defaultUserGroups ?? new[] { Constants.Security.EditorGroupAlias };
             _autoLinkExternalAccount = autoLinkExternalAccount;
-            _defaultCulture = defaultCulture ?? /*Current.Configs.Global().DefaultUILanguage TODO */ "en-US";
+            _defaultCulture = defaultCulture ?? /*Current.Configs.Global().DefaultUILanguage TODO reintroduce config value*/ "en-US";
         }
 
         private readonly string[] _defaultUserGroups;

src/Umbraco.Web/UmbracoApplicationBase.cs

@@ -40,8 +40,6 @@ namespace Umbraco.Web
         {
             if (!Umbraco.Composing.Current.IsInitialized)
             {
-                //var configFactory = new ConfigsFactory();
-
                 HostingSettings hostingSettings = null;
                 GlobalSettings globalSettings = null;
                 SecuritySettings securitySettings = null;

src/Umbraco.Web/UmbracoModule.cs

@@ -75,7 +75,7 @@ namespace Umbraco.Web
             else if (pcr.Is404)
             {
                 response.StatusCode = 404;
-                response.TrySkipIisCustomErrors = /*Current.Configs.WebRouting().TrySkipIisCustomErrors; TODO */ false;
+                response.TrySkipIisCustomErrors = /*Current.Configs.WebRouting().TrySkipIisCustomErrors; TODO introduce from config*/ false;
 
                 if (response.TrySkipIisCustomErrors == false)
                     logger.Warn<UmbracoModule>("Status code is 404 yet TrySkipIisCustomErrors is false - IIS will take over.");