Episode
ASP.NET Core Series: SameSite Cookie Security
SameSite is an IETF draft standard designed to provide some protection against cross-site request forgery (CSRF) attacks.
In this episode, we're joined by .NET Security Curmudgeon Barry Dorrans who will talk to us about some of the concerns around SameSite cookies and how to address them.
- [01:09] - What are same site cookies?
- [06:34] - What's broken with some browsers?
- [10:03] - Fixing the SameSite cookie in Visual Basic and Web Forms
- [17:25] - Fixing the SameSite cookie in C# and MVC 5
- [19:41] - Fixing the SameSite cookie in ASP.NET Core
Useful Links
- Working with SameSite cookies in ASP.NET
- Working with SameSite cookies in ASP.NET Core
- Upcoming SameSite Cookie Changes in ASP.NET and ASP.NET Core
- Overview of ASP.NET Core Security
SameSite is an IETF draft standard designed to provide some protection against cross-site request forgery (CSRF) attacks.
In this episode, we're joined by .NET Security Curmudgeon Barry Dorrans who will talk to us about some of the concerns around SameSite cookies and how to address them.
- [01:09] - What are same site cookies?
- [06:34] - What's broken with some browsers?
- [10:03] - Fixing the SameSite cookie in Visual Basic and Web Forms
- [17:25] - Fixing the SameSite cookie in C# and MVC 5
- [19:41] - Fixing the SameSite cookie in ASP.NET Core
Useful Links
- Working with SameSite cookies in ASP.NET
- Working with SameSite cookies in ASP.NET Core
- Upcoming SameSite Cookie Changes in ASP.NET and ASP.NET Core
- Overview of ASP.NET Core Security
Have feedback? Submit an issue here.