Skip to content

Commit 95bda39

Browse files
claudiamurialdoBeta Bot
claudiamurialdo
authored and
Beta Bot
committed
Cherry pick branch 'genexuslabs:fix/cookie-secure' into beta
1 parent d02a9c4 commit 95bda39

File tree

1 file changed

+9
-1
lines changed

1 file changed

+9
-1
lines changed

dotnet/src/dotnetcore/GxNetCoreStartup/Startup.cs

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@
2222
using Microsoft.AspNetCore.Hosting;
2323
using Microsoft.AspNetCore.Http;
2424
using Microsoft.AspNetCore.Http.Features;
25+
using Microsoft.AspNetCore.HttpOverrides;
2526
using Microsoft.AspNetCore.Mvc;
2627
using Microsoft.AspNetCore.Mvc.ApplicationModels;
2728
using Microsoft.AspNetCore.Mvc.ModelBinding;
@@ -258,7 +259,10 @@ public void ConfigureServices(IServiceCollection services)
258259
{
259260
options.IdleTimeout = TimeSpan.FromMinutes(Preferences.SessionTimeout);
260261
options.Cookie.HttpOnly = true;
261-
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
262+
if (Preferences.HttpProtocolSecure())
263+
options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
264+
else
265+
options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest;
262266
options.Cookie.IsEssential = true;
263267
string sessionCookieName = GxWebSession.GetSessionCookieName(VirtualPath);
264268
if (!string.IsNullOrEmpty(sessionCookieName))
@@ -560,6 +564,10 @@ public void Configure(IApplicationBuilder app, Microsoft.AspNetCore.Hosting.IHos
560564
provider.Mappings[mapping.Key] = mapping.Value;
561565
}
562566
}
567+
app.UseForwardedHeaders(new ForwardedHeadersOptions
568+
{
569+
ForwardedHeaders = ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedFor
570+
});
563571
if (GXUtil.CompressResponse())
564572
{
565573
app.UseResponseCompression();

0 commit comments

Comments
 (0)