File tree Expand file tree Collapse file tree 1 file changed +10
-3
lines changed
dotnet/src/dotnetcore/GxNetCoreStartup Expand file tree Collapse file tree 1 file changed +10
-3
lines changed Original file line number Diff line number Diff line change @@ -74,9 +74,16 @@ public string GetAdditionalData(HttpContext context)
7474
7575 public bool ValidateAdditionalData ( HttpContext context , string additionalData )
7676 {
77- bool validSession = context . Session . Id . Trim ( ) . CompareTo ( additionalData . Trim ( ) ) == 0 ? true : false ;
78- GXLogging . Warn ( log , $ "Session id in CSRF token ({ additionalData } ) does not match the current session id ({ context . Session . Id } )") ;
79- return validSession ;
77+ if ( context . IsNewSession ( ) )
78+ {
79+ return true ;
80+ }
81+ else
82+ {
83+ bool validSession = context . Session . Id . Trim ( ) . CompareTo ( additionalData . Trim ( ) ) == 0 ? true : false ;
84+ GXLogging . Warn ( log , $ "Session id in CSRF token ({ additionalData } ) does not match the current session id ({ context . Session . Id } )") ;
85+ return validSession ;
86+ }
8087 }
8188 }
8289
You can’t perform that action at this time.
0 commit comments