ASP-WAF Web application firewall for .Net 5, .Net Standard 2.1 and .Net Core 3.x

CrossSiteFilter Class

Cross site filter will reject all cross site requests

Namespace:  Walter.Web.FireWall.Filters
Assembly:  Walter.Web.FireWall (in Walter.Web.FireWall.dll)

Syntax


[CLSCompliantAttribute]
public sealed class CrossSiteFilter : ReportingFilter, 
	IAuthorizationFilter

Remarks


This filter does not allow any based on the endpoint configurations, to configure cross-site by allowing exceptions use the [Annotations.CrossSiteAttribute] annotation

Depending on the license you can use events to manually control if a request is blocked

Examples


Register the firewall for always on configuration using only service settings and reject all cross site requests
C#
services.AddFireWall("License Token", "Domain key"
, domainName: new Uri("https://www.mydomain.dll", UriKind.Absolute)
, options =>
{
options.Cypher.ApplicationPassword = "123456$even";
options.ApplicationName = "Test domain";
options.ApplicationTag = "ITIL-9981771";
options.Rules.BlockRequest.BlockDuration.SlideExpiration = true;
options.Rules.BlockRequest.BlockDuration.Expires = TimeSpan.FromSeconds(10);
options.WebServices.IsUserApiUrl = new Uri(Links.IsUserEndpoint, UriKind.Relative);
options.WebServices.RegisterLinksApiUrl = new Uri(Links.SiteMapEndPoint, UriKind.Relative);
options.WebServices.BeaconApiUrl = new Uri(Links.BeaconPoint, UriKind.Relative);
});
    ///
services.AddMvc(options =>
options.Filters.Add<Walter.Web.FireWall.Filters.FireWallFilter>()
options.Filters.Add<Walter.Web.FireWall.Filters.CrossSiteFilter>()
);

Inheritance Hierarchy


ReportingFilter
    Walter.Web.FireWall.Filters..::..CrossSiteFilter

Thread Safety


Static members of this type are safe for multi-threaded operations. Instance members of this type are safe for multi-threaded operations.

See Also


[IFireWall.OnGuardAction]
[IFireWall.OnIncident]
[Annotations.CrossSiteAttribute]