Base solution for your next web application
Open Closed

Improper Session Validation #11882


User avatar
0
hongbing.wang created

Hi @ismcagdas,

What is your product version? v12.4.0 What is your product type (Angular or MVC)? Angular What is product framework type (.net framework or .net core)? .net 7

Abp.AuthToken and Abp.AuthRefresh are not cleared following logout in production build with the implementation of HTTP-only-cookie by integrating server and client in the same app. But this problem doesn't occur in debug build where the server and the client are separate. Please see the following screenshot for more details.

Please advise the steps to resolve the issue in the HTTP-only production build.


1 Answer(s)