Hi ABP Zero Support, I want to set flags of HTTPOnly and Secure for my session cookies in my ABP Zero application. Recently it has been reported by our VA/PT team that we need to set these flags in order for further proceedings in our testing. I have followed the blog post at https://aspnetzero.com/blog/http-only-cookies-in-asp.net-zero-angular-ui. But after implementing the said changes I am unable to set Tenant on login page, as it redirects again on the same page. Please note that my application is hosted as follows:
Client app : https://localhost/MYAPP Server app : https://localhost/Core
Please help me with the issue.
5 Answer(s)
-
0
Hi,
Is it really hosted on localhost or did you write localhost instead of wring your own domain ?
-
0
Hi,
Is it really hosted on localhost or did you write localhost instead of wring your own domain ?
I tested on my domain and localhost as well but couldn't find any solution.
-
0
Is it possible to share your production URL ? We can check the problem for you.
-
0
The build is not in production due to VA/PT vulnerability. I would propose if we can connect in some online meeting session so I can show you application hosted on localhost. Please confirm, so I can share my email to proceed. Thanks.
-
0
