/AspNetCoreMvcAngular

ASP.NET Core MVC with angular in MVC View OpenID Connect Hybrid Flow

Primary LanguageC#MIT LicenseMIT

ASP.NET Code MVC Client with Angular View and IdentityServer4

Build status

Secured using Cookies, and OpenID Connect Hybrid Flow. Cookies configured with Same site and use Anti-forgery protection. Security headers are also applied.

History

2020-01-10 Updated nuget packages, same site fix

2019-12-21 Updated to .NET Core 3.1 Angular 8.2.14

2019-09-26 Updated to .NET Core 3.0 Angular 8.2.8

2019-09-14 Updated to .NET Core 3.0 preview 9, Angular 8.2.6

2019-08-27 Updated to .NET Core 3.0, Angular 8.2.3

2019-06-14 Updated to npm, nuget packages

2019-05-03 Updated to npm, nuget packages, in-process

2019-03-15 Updated to Angular 7.2.9, .NET Core 2.2

2018-09-17 Updated to Angular 6.1.7, latest .NET 2.1 packages, updated STS

2018-06-16 Updated to Angular 6.0.5

2018-06-16 Updated to ASP.NET Core 2.1

2017-09-22 Updated to ASP.NET Core 2.0, Angular 4.4.3

Blogs

Links

https://docs.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-2.2

https://stackoverflow.com/questions/46040922/angular4-httpclient-csrf-does-not-send-x-xsrf-token

https://en.wikipedia.org/wiki/Cross-site_request_forgery