Grid Solutions Framework Documentation

Grid Solutions Framework Documentation

GSF.Web.Security

AntiForgeryConfig Class

AntiForgeryConfig Properties

AdditionalDataProvider Property

CookieName Property

RequireSsl Property

SuppressIdentityHeuristicChecks Property

SuppressXFrameOptionsHeader Property

Click or drag to resize

AntiForgeryConfig Properties

The AntiForgeryConfig type exposes the following members.

Properties

	Name	Description
	AdditionalDataProvider	Specifies an object that can provide additional data to put into all generated tokens and that can validate additional data in incoming tokens.
	CookieName	Specifies the name of the cookie that is used by the anti-forgery system.
	RequireSsl	Specifies whether SSL is required for the anti-forgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all anti-forgery APIs will fail.
	SuppressIdentityHeuristicChecks	Specifies whether the anti-forgery system should skip checking for conditions that might indicate misuse of the system. Please use caution when setting this switch, as improper use could open security holes in the application.
	SuppressXFrameOptionsHeader	Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is true, the X-Frame-Options header will not be generated for the response.

Top

See Also

Reference

AntiForgeryConfig Class

GSF.Web.Security Namespace

See Grid Solutions Framework Project for latest code.

Copyright © 2018, Grid Protection Alliance. All Rights Reserved.

Send comments on this topic to GPA Development