Base solution for your next web application
Open Closed

SignalR Service Security Issue #10029


User avatar
0
echonos created

GET /signalr?enc_auth_token=token

<br> We just recently had our .net zero based application audited by a security company. We were told that SignalR GET request includes the authentication token as querystring parameter, which happens to pose a high security risk. We were recommended to use the POST method but we could not find the right place to implement this solution. What would you recommend as a solution?


2 Answer(s)