I suppose you have to authenticate to these third party APIs, have you done that?

By on 10/5/2017 12:48 PM ()

Yes, Adam I did so, I am certified betfair software vendor from 2007. I will ask them again, why:

Set-Cookie: .ASPXAUTH=D475A57...C9EC; expires=Thu, 05-Oct-2017 16:50:48 GMT; path=/; HttpOnly

is a problem, it should be:

Set-Cookie: .ASPXAUTH=D475A57...C9EC; expires=Thu, 05-Oct-2017 16:50:48 GMT; path=/; secure; HttpOnly

The fact is that websharper does not set: secure;

when context.UserSession.LoginUser

or whenever set cookies is fired, even when web server is set to:

<httpCookies domain="www.cashoutall.com" httpOnlyCookies="true" requireSSL="true" />

I know you use asp.net authorization, had no time to investigate it deeper, but the same:

context.UserSession.Logout()

works correctly.

Adam, my English is not so good, therefore I do not know if you understand what I want to say, similarly like when I asked for fixing your problem with redirection. I am not the expert in web development, but the way you implement redirection is totally wrong, mainly when I pointed to problems with chrome, and mozilla browsers, the way those browsers treat such redirections, they save url in cache, so when you add "salt" to such urls, imagine what you actually do, browse saves every such url in cache.

By on 10/6/2017 12:50 AM ()
IntelliFactory Offices Copyright (c) 2011-2012 IntelliFactory. All rights reserved.
Home | Products | Consulting | Trainings | Blogs | Jobs | Contact Us
Built with WebSharper