Click or drag to resize

AntiForgeryConfig Class

Provides programmatic configuration for the anti-forgery token system.
Inheritance Hierarchy
SystemObject
  GSF.Web.SecurityAntiForgeryConfig

Namespace: GSF.Web.Security
Assembly: GSF.Web (in GSF.Web.dll) Version: 2.4.218-beta
Syntax
public static class AntiForgeryConfig
View Source

The AntiForgeryConfig type exposes the following members.

Properties
 NameDescription
Public propertyStatic memberAdditionalDataProvider Specifies an object that can provide additional data to put into all generated tokens and that can validate additional data in incoming tokens.
Public propertyStatic memberCookieName Specifies the name of the cookie that is used by the anti-forgery system.
Public propertyStatic memberRequireSsl Specifies whether SSL is required for the anti-forgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all anti-forgery APIs will fail.
Public propertyStatic memberSuppressIdentityHeuristicChecks Specifies whether the anti-forgery system should skip checking for conditions that might indicate misuse of the system. Please use caution when setting this switch, as improper use could open security holes in the application.
Public propertyStatic memberSuppressXFrameOptionsHeader Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is true, the X-Frame-Options header will not be generated for the response.
Top
See Also