ASP.NET Core Web Api Antiforgery - Share Tech Links

ASP.NET Core Web Api Antiforgery

ASP.NET Core Web Api Antiforgery

If you decide to go with cookies and if your web api is consumed through a web application (e.g. Angular) it will be vulnerable to cross-site request forgery attacks (frequently referred to as CSRF or XSRF).

Bharat Dwarkani shared on Mar 05, 2020

blinkingcaret.com

#.NET Core #csrf #anti-forgery-token #security

137

137

View all .NET Core related posts

Tags

authentication x42 security x34 entity-framework x27 deployment x26 docker x23 azure x22 api x15 identity-server x14 mediatr x13 performance x12 web-api x12 microservices x12 get-started x12 github x11 clean-architecture x10 grpc x10 authorization x10 architecture x10 multi-tenant x9 integration-tests x8 swagger x8 middleware x8 kubernetes x7 open-source x7 design-pattern x7 cqrs x7 unit-testing x7 angular x7 caching x7 health-check x7 linux-hosting x7 logging x6 identity x6 aws x5 background-service x5 getting-started x5 file-upload x5 ml-net x5 ci x5 jwt x5 role-based x5 dependency-injection x5 signalr x5 oauth x5 aspnetcore x4 migration x4 saas x4 library x4 paging x4 configuration x4 sample-project x4 razor x4 nugget x4 linux x4 analyzers x4 fluent-validation x4 microservice x4 video x4 framework x4 ddd x4 visual-studio x4 raspberry x4 general x3 redis x3 dapper x3 sorting x3 filtering x3 postgresql x3 react x3 debugging x3 azure-app-service x3 app-secrets x3 hosting x3 csrf x3 anti-forgery-token x3 worker-service x3 seo x3 auto-mapper x3 project-templates x3 background-jobs x3 windows-service x3 graphql x3 openapi x3 2fa x3 error-handling x3 best-practices x3 rabbitmq x3 async x3 external-authentication x3 aspnet x2 azure-key-vault x2 sql x2 csharp x2 serialization x2 json x2 repodb x2 orm x2 bundling x2 gzip x2 performance x2 serilog x2 elastic-search x2 validation x2 pwa x2 feature-management x2 feature-toggle x2 integration-test x2 email x2 blog x2 blog x2 azure-redis x2 data-protection x2 database x2 action-result x2 linq x2 routing x2 xss x2 google-cloud x2 mongo-db x2 app-settings x2 distributed-apps x2 azure-function x2 app-service x2 polly x2 template x2 twilio x2 machine-learning x2 odata x2 github-actions x2 api-gateway x2 rate-limiting x2 key-vault x2 testing x2 translation x2 user-management x2 iot x2 code-quality x2 application-insights x1 joins x1 login x1 multi-tenancy x1 feature-flag x1 wordpress x1 dynamodb x1 libraries x1 bazel x1 jest x1 snapshot-testing x1 pagination x1 compression x1 youtube x1 cdn x1 webhook x1 fluentd x1 knative x1 jsonb x1 no-sql x1 eav x1 system-design x1 cors x1 webpack x1 html-parsing x1 dotnet x1 monitoring x1 razor-library x1 heath-checks x1 reverse-proxy x1 azure-blob x1 scanning x1 razor-templates x1 azure-blob x1 parallel-processing x1 graph-ql x1 ms-sql x1 headers x1 connection-string x1 respone-caching x1 word-press x1 kibana x1 profiling x1 azure-data-studio x1 tips x1 service x1 data-shaping x1 rosyln x1 demo x1 vulnerabilites x1 sql-injection x1 open-redirect x1 hate-os x1 rest-api x1 moq x1 cd x1 jenkins x1 real-time x1 c x1 c x1 benchmarking x1 background-tasks x1 mocking x1 containers x1 site-maintenance x1 nswag x1 http-client x1 resources x1 url-shortner x1 grpc x1 app-services x1 open-id x1 aurora-database x1 rss-feed x1 files-storage x1 practical x1 sample x1 documentaion x1 udemy x1 tutorials x1 c x1 net x1 exception x1 server-sent-events x1 push-messages x1 repository-pattern x1 minification x1 tool x1 whatsapp x1 heroku x1 api-response x1 ocelot x1 enums x1 docs x1 redoc x1 nginx x1 ubuntu x1 object-mapper x1 external-exe x1 session x1 query-string x1 publishing x1 refactoring x1 webp x1 cookie x1 tracing x1 filters x1 repository x1 event-grid x1 bff x1 nservice-bus x1 wpf x1 nlog x1 policy-based x1 rss x1 refit x1 nhibernate x1 crud-operations x1 email-templates x1 guid x1 sitemap x1 qrcode x1 quartz x1 ebook x1 artificial-intelligence x1 streaming x1 stripe x1 payment x1 global-filter x1 message-pack x1 versioning x1 javascript x1 social-login x1 systemd x1 cognitive-service x1 c x1 letsencrypt x1 ssl-certificate x1 sass x1 google x1 extensions x1 device-flow x1 localization x1 globalization x1 auth x1 chat-app x1 dynamic-query x1 plugin-system x1 application-insight x1 output-formatter x1 hangfire x1 installation x1 self-contained x1 starter-template x1 boilerplate x1 project-template x1 publish x1 build x1 startup x1 e-commerce x1 api-docs x1