I just set this cookie to be expired as a normal cookie by setting its expiry date to -1d.
Testers says __RequestVerificationToken_Lw__ cookies should be expired on logout?
-
28-06-2022 - |
문제
I am working on a MVC 4 web site, tester has informed me on Logout .ASPXAUTH cookies expired automatically but RequestVerificationToken_Lw cookies do not expires.
I am not sure is RequestVerificationToken_Lw suppose to expire on logout ? On logout user is returned to logon page which do not have Html.AntiForgeryToken() used in it. Any guidline please how I can set RequestVerificationToken_Lw to be expired on logout ?
Thanks for your help and guidance.
해결책 2
다른 팁
Why you need VerificationToken for the logout , its dont have any sense.. This is just protecting vs cross-site-scripting and fired all time when something changes in Cookie objects like FormAuthenticated values or some form data just it.
제휴하지 않습니다 StackOverflow