Walter.Web.FireWall
TrustedCrossSiteDomains Property
Example 
Walter.Web.FireWall Assembly > Walter.Web.FireWall.Configurations Namespace > RulesConfig Class : TrustedCrossSiteDomains Property
A list of trusted domains in that are picked up by the CrossSite when assuming access to a endpoint is to be limited.
Syntax
public IList<Uri> TrustedCrossSiteDomains {get;}
Remarks
When defining white-listed cross site domains this will be applicable to all endpoints that use the CrossSite attribute. you can't mix allowing and not allowing those that are globally allowed.
Example
The bellow sample shows how the TrustedCrossSiteDomains get's 2 domains it will trust by default 
services.AddMemoryCache();
            
services.AddFireWall("Token", "Domain Key"
     , domainName: new Uri("https://www.test.dll", UriKind.Absolute), options =>
    {
        options.JoinCustomerImprovementProgramWithEmail = "mail@test.dll";
        options.Cypher.ApplicationPassword = "123456Seven";
        options.ApplicationName = "www.test.dll";
        options.ApplicationTag = "WS3";
            
        options.UseSession = false;
        options.Cashing.GeoLocation.SlidingExpiration = TimeSpan.FromMinutes(20);
            
        options.WebServices.IsUserApiUrl = new Uri(Links.IsUserEndpoint, UriKind.Relative);
        options.WebServices.RegisterLinksApiUrl = new Uri(Links.SiteMapEndPoint, UriKind.Relative);
        options.WebServices.BeaconApiUrl = new Uri(Links.BeaconPoint, UriKind.Relative);
        options.WebServices.CSPReportUrl = new Uri(Links.CSPViolation, UriKind.Relative);
            
        options.OnEndpointsCreated+= Options_OnEndpointsCreated;
        options.OnFireWallCreated += Options_OnFireWallCreated;
        options.Rules.AllowWhiteListing = false;
        options.Rules.PhysicalFileWallExcludeReasons = Walter.BOM.FirewallBlockReasons.ALL & ~Walter.BOM.FirewallBlockReasons.NoAccessFromRegion;
        options.Rules.BlockRequest.BlockDuration.SlideExpiration = true;
        options.Rules.BlockRequest.BlockDuration.Expires = TimeSpan.FromSeconds(10);
        options.Rules.TrustedCrossSiteDomains.AddRange(new[] { new Uri("https://gateway.test.dll", UriKind.Absolute), new Uri("https://support.test.dll", UriKind.Absolute) });
        options.Rules.AllowWhiteListing = false;
        options.Rules.Headers.AddDefaultSecurePolicy()
                             .AddStrictTransportSecurityNoCache()
                             .AddXssProtectionBlockAndReport()
                             .AddContentSecurityPolicyButTrust(trustingSites: Walter.Web.FireWall.TrustingSites.Jquery | Walter.Web.FireWall.TrustingSites.Google
                                       , allowInline: true
                                       , framesPolicy: Walter.Web.FireWall.FramesPolicy.Self);
            
            
    });
[HttpGet]
[CrossSite()]
public JsonResult UserProfile()
{
...
}
Requirements

Target Platforms: Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

See Also

Reference

RulesConfig Class
RulesConfig Members

Send Feedback