CookieAuthenticationOptions.Cookie Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Determines the settings used to create the cookie.
public:
property Microsoft::AspNetCore::Http::CookieBuilder ^ Cookie { Microsoft::AspNetCore::Http::CookieBuilder ^ get(); void set(Microsoft::AspNetCore::Http::CookieBuilder ^ value); };public Microsoft.AspNetCore.Http.CookieBuilder Cookie { get; set; }member this.Cookie : Microsoft.AspNetCore.Http.CookieBuilder with get, setPublic Property Cookie As CookieBuilderProperty Value
Remarks
- The default value for cookie Name is
.AspNetCore.Cookies. This value should be changed if you change the name of theAuthenticationScheme, especially if your system uses the cookie authentication handler multiple times. - SameSite determines if the browser should allow the cookie to be attached to same-site or cross-site requests. The default is
Lax, which means the cookie is only allowed to be attached to cross-site requests using safe HTTP methods and same-site requests. - HttpOnly determines if the browser should allow the cookie to be accessed by client-side JavaScript. The default is
true, which means the cookie will only be passed to HTTP requests and is not made available to JavaScript on the page. - Expiration is currently ignored. Use ExpireTimeSpan to control lifetime of cookie authentication.
- SecurePolicy defaults to SameAsRequest.