Why is Antiforgery CookieSecurePolicy not applying?


I want to make my Antiforgery cookies secure, so I added some changes to my code:

    services.AddMvc();

    services.AddAntiforgery(opts => {
        opts.Cookie.HttpOnly = true;
        opts.Cookie.SecurePolicy = CookieSecurePolicy.Always;
        opts.Cookie.Domain = "localhost";
        opts.Cookie.SameSite = SameSiteMode.Strict;
    });

But even after I set the secure policy, there are no changes to my cookies: the Antiforgery cookies are not secured, and the browser connection is secured (https).

Best answer:

The correct way for .NET Core 2.1 is to add the following code to your Startup.cs:

        var cookiePolicyOptions = new CookiePolicyOptions
        {
            MinimumSameSitePolicy = SameSiteMode.Strict,
            Secure = CookieSecurePolicy.Always,
        };
        app.UseCookiePolicy(cookiePolicyOptions);

You could also check the documentation about cookie setup here.
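
Where the two snippets above sit in a .NET Core 2.1 `Startup` class, as an added example that is not part of the question or the answer. The cookie policy middleware is registered before MVC so it covers cookies written later in the pipeline; the audit middleware and its log message are hypothetical additions for checking the result.

```csharp
using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        services.AddMvc();
        services.AddAntiforgery(opts =>
        {
            opts.Cookie.HttpOnly = true;
            opts.Cookie.SecurePolicy = CookieSecurePolicy.Always;
            opts.Cookie.Domain = "localhost";
            opts.Cookie.SameSite = SameSiteMode.Strict;
        });
    }

    public void Configure(IApplicationBuilder app, ILogger<Startup> logger)
    {
        // Hypothetical audit step (not from the page): just before the headers
        // are sent, warn about any Set-Cookie value that lacks the Secure attribute.
        app.Use(async (context, next) =>
        {
            context.Response.OnStarting(() =>
            {
                foreach (var cookie in context.Response.Headers["Set-Cookie"])
                {
                    if (cookie.IndexOf("; secure", StringComparison.OrdinalIgnoreCase) < 0)
                        logger.LogWarning("Cookie {Name} sent without Secure", cookie.Split('=')[0]);
                }
                return Task.CompletedTask;
            });
            await next();
        });

        // Must come before any middleware that writes cookies (MVC, antiforgery).
        app.UseCookiePolicy(new CookiePolicyOptions
        {
            MinimumSameSitePolicy = SameSiteMode.Strict,
            Secure = CookieSecurePolicy.Always,
        });
        app.UseMvc();
    }
}
```

The browser keeps a cookie it already holds until the server sends a new `Set-Cookie` for it, so clear the site's cookies before checking the attributes in the developer tools.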