huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use Strict SameSite mode for temp data cookies

This commit is contained in:
John Luo 2017-05-30 21:04:32 -07:00
parent df75fd2188
commit 3a4cae72bd
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/Microsoft.AspNetCore.Mvc.ViewFeatures/ViewFeatures/CookieTempDataProvider.cs
View File

@ -65,6 +65,7 @@ namespace Microsoft.AspNetCore.Mvc.ViewFeatures
{
Domain = string.IsNullOrEmpty(_options.Domain) ? null : _options.Domain,
HttpOnly = true,
SameSite = SameSiteMode.Strict,
Secure = context.Request.IsHttps,
};
SetCookiePath(context, cookieOptions);