AspNet核心身份,如何设置options.Cookie.SameSite? [英] AspNet Core Identity, how set options.Cookie.SameSite?
问题描述
在最新的模板和库中使用httpsonly标志.如何关闭它?
In the latest templates and libraries used httpsonly flag. How can I turn it off?
这个问题已经过时,并且没有完整的配置示例:
This same question is outdated and it did not have full configuration sample:
推荐答案
为了在使用Identity时配置应用程序cookie,可以使用
In order to configure the application cookie when using Identity, you can use the ConfigureApplicationCookie
method inside your Startup’s ConfigureServices
:
// add identity
services.AddIdentity<ApplicationUser, IdentityRole>();
// configure the application cookie
services.ConfigureApplicationCookie(options =>
{
options.Cookie.SameSite = SameSiteMode.None;
});
由于Identity本质上是在后台添加cookie身份验证,因此配置操作与配置cookie身份验证时通常传递给AddCookie()
的操作相同.仅仅是因为AddIdentity()
会为您设置身份验证,所以ConfigureApplicationCookie
提供了一种随后调整cookie身份验证选项的方法.
Since Identity essentially adds cookie authentication under the hood, this is the configure action is the same thing you would normally pass to AddCookie()
when configuring cookie authentication. It’s just that since AddIdentity()
takes care of setting up authentication for you, the ConfigureApplicationCookie
offers a way to adjust the cookie authentication options afterwards.
这篇关于AspNet核心身份,如何设置options.Cookie.SameSite?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!