HttpOnly

12 writes to HttpOnly

Microsoft.AspNetCore.Antiforgery (1)

AntiforgeryOptions.cs (1)

21HttpOnly = true,

Microsoft.AspNetCore.Authentication (1)

RemoteAuthenticationOptions.cs (1)

27HttpOnly = true,

Microsoft.AspNetCore.Authentication.Cookies (1)

CookieAuthenticationOptions.cs (1)

20HttpOnly = true,

Microsoft.AspNetCore.Authentication.OpenIdConnect (2)

OpenIdConnectConfigureOptions.cs (1)

95cookieBuilder.HttpOnly = StringHelpers.ParseValueOrDefault(cookieConfigSection[nameof(cookieBuilder.HttpOnly)], bool.Parse, cookieBuilder.HttpOnly);

OpenIdConnectOptions.cs (1)

81HttpOnly = true,

Microsoft.AspNetCore.Authentication.Test (2)

CookieTests.cs (2)

365o.Cookie.HttpOnly = true; 389o.Cookie.HttpOnly = false;

Microsoft.AspNetCore.Authentication.Twitter (1)

TwitterOptions.cs (1)

34HttpOnly = true,

Microsoft.AspNetCore.CookiePolicy.Test (2)

CookiePolicyTests.cs (2)

386o.Cookie.HttpOnly = false; 437o.Cookie.HttpOnly = false;

Microsoft.AspNetCore.Mvc.ViewFeatures (1)

CookieTempDataProviderOptions.cs (1)

17HttpOnly = true,

Microsoft.AspNetCore.Session (1)

SessionOptions.cs (1)

54HttpOnly = true;

12 references to HttpOnly

Microsoft.AspNetCore.Antiforgery (1)

AntiforgeryOptions.cs (1)

49/// <item><description><see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>.</description></item>

Microsoft.AspNetCore.Authentication (1)

RemoteAuthenticationOptions.cs (1)

147/// <item><description><see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>.</description></item>

Microsoft.AspNetCore.Authentication.Cookies (1)

CookieAuthenticationOptions.cs (1)

46/// <item><description><see cref="CookieBuilder.HttpOnly"/> determines if the browser should allow the cookie to be accessed by client-side JavaScript.

Microsoft.AspNetCore.Authentication.OpenIdConnect (3)

OpenIdConnectConfigureOptions.cs (2)

95cookieBuilder.HttpOnly = StringHelpers.ParseValueOrDefault(cookieConfigSection[nameof(cookieBuilder.HttpOnly)], bool.Parse, cookieBuilder.HttpOnly);

OpenIdConnectOptions.cs (1)

322/// <item><description><see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>.</description></item>

Microsoft.AspNetCore.Authentication.Test (2)

OpenIdConnect\OpenIdConnectTests.cs (2)

482Assert.True(options.CorrelationCookie.HttpOnly); 486Assert.True(options.NonceCookie.HttpOnly);

Microsoft.AspNetCore.Authentication.Twitter (1)

TwitterOptions.cs (1)

90/// <item><description><see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>.</description></item>

Microsoft.AspNetCore.Http.Abstractions (1)

CookieBuilder.cs (1)

113HttpOnly = HttpOnly,

Microsoft.AspNetCore.Mvc.ViewFeatures (1)

CookieTempDataProviderOptions.cs (1)

44/// <item><description><see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>.</description></item>

Microsoft.AspNetCore.Session (1)

SessionOptions.cs (1)

24/// <item><description><see cref="CookieBuilder.HttpOnly"/> defaults to <c>true</c>.</description></item>