diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2012-05-07 10:03:12 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-05-07 10:03:12 -0700 |
| commit | 957a1811bc69a033a16b00d755a88ceeaf3fced6 (patch) | |
| tree | ded97d06a1bec55e0d6bad85d079c2d4b412aa1d /src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs | |
| parent | a85cd1c7bb0a22ee08056a19ce60173e3ab8e0e0 (diff) | |
| parent | b6dff7d1a6b5b07450b82688ec4727b3e2617ff5 (diff) | |
| download | DotNetOpenAuth-957a1811bc69a033a16b00d755a88ceeaf3fced6.zip DotNetOpenAuth-957a1811bc69a033a16b00d755a88ceeaf3fced6.tar.gz DotNetOpenAuth-957a1811bc69a033a16b00d755a88ceeaf3fced6.tar.bz2 | |
Merge pull request #140 from dotnetjunky/v4.0
Use cookie to store OAuth token and set it as default mechanism.
Diffstat (limited to 'src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs')
| -rw-r--r-- | src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs b/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs index 3fc3a21..f51de1c 100644 --- a/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs +++ b/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs @@ -106,10 +106,16 @@ namespace DotNetOpenAuth.AspNet { var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) { HttpOnly = true, - Path = FormsAuthentication.FormsCookiePath, - Secure = FormsAuthentication.RequireSSL + Path = FormsAuthentication.FormsCookiePath }; + // only set Secure if FormsAuthentication requires SSL. + // otherwise, leave it to default value + if (FormsAuthentication.RequireSSL) + { + cookie.Secure = true; + } + if (FormsAuthentication.CookieDomain != null) { cookie.Domain = FormsAuthentication.CookieDomain; } @@ -123,4 +129,4 @@ namespace DotNetOpenAuth.AspNet { #endregion } -} +}
\ No newline at end of file |