huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Send HttpOnly (if applicable) when deleting cookies (#12593)

This commit is contained in:
Brennan 2019-07-25 17:42:23 -07:00 committed by GitHub
parent d7bfbb5824
commit 331ff2404d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Security/Authentication/test/WsFederation/WsFederationTest.cs
View File

@ -190,7 +190,7 @@ namespace Microsoft.AspNetCore.Authentication.WsFederation
response.EnsureSuccessStatusCode();
var cookie = response.Headers.GetValues(HeaderNames.SetCookie).Single();
Assert.Equal(".AspNetCore.Cookies=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax", cookie);
Assert.Equal(".AspNetCore.Cookies=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; samesite=lax; httponly", cookie);
Assert.Equal("OnRemoteSignOut", response.Headers.GetValues("EventHeader").Single());
Assert.Equal("", await response.Content.ReadAsStringAsync());
}

2
src/Shared/ChunkingCookieManager/ChunkingCookieManager.cs
View File

@ -289,6 +289,7 @@ namespace Microsoft.AspNetCore.Internal
Secure = options.Secure,
IsEssential = options.IsEssential,
Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc),
HttpOnly = options.HttpOnly,
});
for (int i = 1; i <= chunks; i++)
@ -305,6 +306,7 @@ namespace Microsoft.AspNetCore.Internal
Secure = options.Secure,
IsEssential = options.IsEssential,
Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc),
HttpOnly = options.HttpOnly,
});
}
}