AntiForgeryConfig Class

Provides programmatic configuration for the anti-forgery token system.

Inheritance Hierarchy

SystemObject
GSF.Web.SecurityAntiForgeryConfig

Namespace: GSF.Web.Security
Assembly: GSF.Web (in GSF.Web.dll) Version: 2.4.181-beta

Syntax

public static class AntiForgeryConfig

Public NotInheritable Class AntiForgeryConfig

public ref class AntiForgeryConfig abstract sealed

[<AbstractClassAttribute>]
[<SealedAttribute>]
type AntiForgeryConfig = class end

GSF.Web.Security.AntiForgeryConfig = function();

Type.createClass(
	'GSF.Web.Security.AntiForgeryConfig');

The AntiForgeryConfig type exposes the following members.

Properties

	Name	Description
	AdditionalDataProvider	Specifies an object that can provide additional data to put into all generated tokens and that can validate additional data in incoming tokens.
	CookieName	Specifies the name of the cookie that is used by the anti-forgery system.
	RequireSsl	Specifies whether SSL is required for the anti-forgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all anti-forgery APIs will fail.
	SuppressIdentityHeuristicChecks	Specifies whether the anti-forgery system should skip checking for conditions that might indicate misuse of the system. Please use caution when setting this switch, as improper use could open security holes in the application.
	SuppressXFrameOptionsHeader	Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is true, the X-Frame-Options header will not be generated for the response.