kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds AntiForgery Cookie setting options.Cookie.HttpOnly = true;

Browse Source
This commit is contained in:
Cody 2024-08-08 12:24:42 -07:00 committed by GitHub
parent a5f8651941
commit dcf919fb36
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Oqtane.Server/Startup.cs
View File

@ -100,6 +100,7 @@ namespace Oqtane
options.Cookie.Name = Constants.AntiForgeryTokenCookieName; options.Cookie.Name = Constants.AntiForgeryTokenCookieName;
options.Cookie.SameSite = SameSiteMode.Strict; options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest; options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
options.Cookie.HttpOnly = true;
}); });
services.AddIdentityCore<IdentityUser>(options => { }) services.AddIdentityCore<IdentityUser>(options => { })