Browse Source

Added requirement of ssl for cookies and anti-forgery token

tags/2.0.3
Teknikode 4 years ago
parent
commit
683631e4bf
2 changed files with 5 additions and 0 deletions
  1. 4
    0
      Teknik/Global.asax.cs
  2. 1
    0
      Teknik/Web.config

+ 4
- 0
Teknik/Global.asax.cs View File

@@ -34,6 +34,8 @@ namespace Teknik

AreaRegistration.RegisterAllAreas();

AntiForgeryConfig.RequireSsl = true;

FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
@@ -43,6 +45,7 @@ namespace Teknik
{
HttpContext context = HttpContext.Current;
// Start the generation time stopwatcher
var stopwatch = new Stopwatch();
HttpContext.Current.Items["Stopwatch"] = stopwatch;
stopwatch.Start();
@@ -52,6 +55,7 @@ namespace Teknik
{
HttpContext context = HttpContext.Current;

// Set the generation time in the header
Stopwatch stopwatch = (Stopwatch)context.Items["Stopwatch"];
stopwatch.Stop();


+ 1
- 0
Teknik/Web.config View File

@@ -23,6 +23,7 @@
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
<httpCookies httpOnlyCookies="true" requireSSL="true" />
<customErrors mode="Off" />
<authentication mode="Forms">
<forms domain=".teknik.io" protection="All" enableCrossAppRedirects="true" name="TeknikAuth" />

Loading…
Cancel
Save