application_acquirerequeststate event asp.net to prevent session hijacking
protected void Application_BeginRequest(object sender, EventArgs e)
{
    // Only validate when the request already carries a session cookie (i.e. it is not a new session).
    if (Request.Cookies["ASP.NET_SessionId"] != null && Request.Cookies["ASP.NET_SessionId"].Value != null)
    {
        string newSessionID = Request.Cookies["ASP.NET_SessionId"].Value;

        // A valid cookie is the 24-character ASP.NET session ID followed by the hash key,
        // so anything of 24 characters or fewer has no hash appended.
        if (newSessionID.Length <= 24)
        {
            // Log the attack details here
            Response.Cookies["TriedTohack"].Value = "True";
            throw new HttpException("Invalid Request");
        }

        // Generate the hash key for this user, browser and machine and compare it
        // with the suffix of the submitted cookie.
        // GenerateHashKey() is a helper that is not shown in this snippet.
        if (GenerateHashKey() != newSessionID.Substring(24))
        {
            // Log the attack details here
            Response.Cookies["TriedTohack"].Value = "True";
            throw new HttpException("Invalid Request");
        }

        // Restore the default 24-character value so the application works as usual.
        Request.Cookies["ASP.NET_SessionId"].Value = Request.Cookies["ASP.NET_SessionId"].Value.Substring(0, 24);
    }
}
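The check above only works if something appends the hash when the cookie is issued. The following is an added example, not part of the original snippet: one possible GenerateHashKey() plus the matching Application_EndRequest. The HMAC-SHA256 construction, the user-agent and remote-address fingerprint, and the "SessionBindingKey" appSettings entry are assumptions.

```csharp
using System;
using System.Configuration;
using System.Security.Cryptography;
using System.Text;
using System.Web;

public class Global : HttpApplication
{
    // Assumption: a base64-encoded random secret stored under the hypothetical
    // appSettings key "SessionBindingKey". Keeping it server-side means a client
    // cannot recompute the suffix for a different browser or address.
    private static readonly byte[] BindingKey =
        Convert.FromBase64String(ConfigurationManager.AppSettings["SessionBindingKey"]);

    // Hypothetical implementation of the GenerateHashKey() call used in Application_BeginRequest.
    private string GenerateHashKey()
    {
        // Attributes the session is bound to (assumed: user agent and remote address).
        string fingerprint = (Request.UserAgent ?? "") + "|" + (Request.UserHostAddress ?? "");
        using (var hmac = new HMACSHA256(BindingKey))
        {
            byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(fingerprint));
            // Hex output keeps the cookie value free of '=', '&' and ';'.
            return BitConverter.ToString(mac).Replace("-", "");
        }
    }

    protected void Application_EndRequest(object sender, EventArgs e)
    {
        // Response.Cookies[name] creates the cookie when it is missing,
        // so look the name up in AllKeys before touching it.
        if (Array.IndexOf(Response.Cookies.AllKeys, "ASP.NET_SessionId") < 0)
            return;

        HttpCookie cookie = Response.Cookies["ASP.NET_SessionId"];
        // Append the hash only to a freshly issued 24-character session ID.
        if (cookie.Value != null && cookie.Value.Length == 24)
        {
            cookie.Value += GenerateHashKey();
            cookie.HttpOnly = true;
            cookie.Secure = Request.IsSecureConnection;
        }
    }
}
```

Binding to the remote address rejects legitimate users whose address changes mid-session (mobile networks, rotating proxies), so the fingerprint inputs are a trade-off to decide per application.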