Avoid Session fixation in ASP.Net Core MVC

venkatg
 
on Jan 24, 2022 04:33 AM
1937 Views
Closed

how to avoid Session Fixation in dot.net core mvc application.

below code i updating in user Login.

string guid = Guid.NewGuid().ToString();           
HttpContext.Session.SetInt32("UserId", userData.Id);
Response.Cookies.Append("AuthToken", guid, cookieOptions);

but Its not working.

Kindly suggest.

Download FREE API for Word, Excel and PDF in ASP.Net: Download
dharmendr
 
on Jan 24, 2022 04:38 AM
on Jan 24, 2022 04:38 AM

Hi venkatg,

Refer below code.

HttpContext.Session.SetInt32("UserId", userData.Id);
CookieOptions cookieOptions = new CookieOptions();
//Set the Expiry date of the Cookie.
cookieOptions.Expires = DateTime.Now.AddDays(30);
//Create a Cookie with a suitable Key and add the Cookie to Browser.
Response.Cookies.Append("AuthToken", Guid.NewGuid().ToString(), cookieOptions);

For more details refer below article.

ASP.Net Core Cookies: Read, Write (Save) and Remove (Delete) Cookies in ASP.Net Core MVC

 

venkatg
 
on Jan 24, 2022 04:57 AM

Hi Dharmendar ,

Your code is working but the  Session Fixation issue still replicating on the dot net core application , can i have solution for the particular

 

dharmendr
 
on Jan 24, 2022 06:14 AM
Disclaimer
This site is started with intent to serve the ASP.Net Community by providing forums (question-answer) site where people can help each other. The content posted here is free for public and is the content of its poster. The site does not provide any warranties for the posted content. If you feel any content is violating any terms please contact.
© 2023 www.aspsnippets.com All rights reserved | Privacy Policy | Powered by Excelasoft Solutions Excelasoft Solutions