diff options
| author | Andrew Arnott <andrewarnott@gmail.com> | 2013-05-27 09:32:17 -0700 |
|---|---|---|
| committer | Andrew Arnott <andrewarnott@gmail.com> | 2013-05-27 09:32:17 -0700 |
| commit | 5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba (patch) | |
| tree | 026bb7a58fc6b80b680f2b5be2a25ddf1efbf0f5 /src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs | |
| parent | e4c746826690259eddba106e8a44d1b52b542faf (diff) | |
| parent | 064220dbab72b00f23abd041bf4a30ea87a00d88 (diff) | |
| download | DotNetOpenAuth-5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba.zip DotNetOpenAuth-5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba.tar.gz DotNetOpenAuth-5a0a8ee4c55f323a6c1fbdb619cd89b7d28a94ba.tar.bz2 | |
Merge branch 'v4.3'
Conflicts:
samples/OAuthClient/Default.aspx
samples/OAuthClient/Facebook.aspx.cs
samples/OAuthClient/Web.config
samples/OAuthClient/WindowsLive.aspx.cs
samples/OAuthClient/packages.config
src/DotNetOpenAuth.Core/Messaging/OutgoingWebResponse.cs
src/DotNetOpenAuth.Core/Messaging/StandardWebRequestHandler.cs
src/DotNetOpenAuth.OAuth.Consumer/OAuth/ConsumerBase.cs
src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HmacSha1HttpMessageHandler.cs
src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1HttpMessageHandlerBase.cs
src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1PlainTextMessageHandler.cs
src/DotNetOpenAuth.OAuth.Consumer/OAuth/OAuth1RsaSha1HttpMessageHandler.cs
src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs
src/packages/repositories.config
src/version.txt
Diffstat (limited to 'src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs')
| -rw-r--r-- | src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs index 795047f..4225d86 100644 --- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs +++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/WebServerClient.cs @@ -107,7 +107,7 @@ namespace DotNetOpenAuth.OAuth2 { // If the host is implementing the authorization tracker though, they're handling this protection themselves. var cookies = new List<CookieHeaderValue>(); if (this.AuthorizationTracker == null) { - string xsrfKey = MessagingUtilities.GetNonCryptoRandomDataAsBase64(16); + string xsrfKey = MessagingUtilities.GetNonCryptoRandomDataAsBase64(16, useWeb64: true); cookies.Add(new CookieHeaderValue(XsrfCookieName, xsrfKey) { HttpOnly = true, Secure = FormsAuthentication.RequireSSL, |