Skip to main content

AntiForgeryConfig

Provides programmatic configuration for the anti-forgery token system.

Assembly: ServiceStack.Razor.dll
View Source
Declaration
public static class AntiForgeryConfig

Properties

AdditionalDataProvider

Specifies an object that can provide additional data to put into all generated tokens and that can validate additional data in incoming tokens.

View Source
Declaration
public static IAntiForgeryAdditionalDataProvider AdditionalDataProvider { get; set; }

CookieName

Specifies the name of the cookie that is used by the anti-forgery system.

View Source
Declaration
public static string CookieName { get; set; }

RequireSsl

Specifies whether SSL is required for the anti-forgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all anti-forgery APIs will fail.

View Source
Declaration
public static bool RequireSsl { get; set; }

SuppressIdentityHeuristicChecks

Specifies whether the anti-forgery system should skip checking for conditions that might indicate misuse of the system. Please use caution when setting this switch, as improper use could open security holes in the application.

View Source
Declaration
public static bool SuppressIdentityHeuristicChecks { get; set; }

UniqueClaimTypeIdentifier

If claims-based authorization is in use, specifies the claim type from the identity that is used to uniquely identify the user. If this property is set, all claims-based identities <em>must</em> return unique values for this claim type.

View Source
Declaration
public static string UniqueClaimTypeIdentifier { get; set; }