Skip to main content

Posts

Showing posts from January, 2016

CSRF Asp.Net

Asp.Net CSRF  Step 1: Add this code in master page, if there is no master page than add it in page. //This is code is to generate the random token protected void Page_Init(Object sender, EventArgs e)         {             if (!IsPostBack)             {                 var pageName = Path.GetFileName(HttpContext.Current.Request.Url.AbsolutePath);                 var pageToken = pageName + "_ID";                 RandomNumberGenerator rng = new RNGCryptoServiceProvider();                 var tokenData = new byte[32];                 rng.GetBytes(tokenData);                 var token = Convert.ToBase64String(tokenData);           ...
Post a Comment
Read more

Clear Session on browser/tab close using JQuery

Add below script to master page and replace Logon with your login page. <script type="text/javascript"> var LoginPageName = "Logon"; var AttachClearSessionEvent = true; var IsFormSubmit = false; $(window).submit(function () { AttachClearSessionEvent = false; IsFormSubmit = true; window.onbeforeunload = null; }); $(document).ready(function () {var myEvent = window.attachEvent || window.addEventListener;var chkevent = window.attachEvent ? 'onbeforeunload' : 'beforeunload'; /// make IE7, IE8 compitable myEvent(chkevent, function (e) { // For >=IE7, Chrome, Firefox try {if (AttachClearSessionEvent) {var caller = '(document).ready';var urlToDisposeSession = LoginPageName; $.ajax({cache: false,type: "POST",url: urlToDisposeSession,data: JSON.stringify({ RandomString: caller }),contentType: "application/json; charset=utf-8",dataType: "json",async: false,success: function (msg) {}});} }catch (ex) { }...
Post a Comment
Read more