Changes between Version 7 and Version 8 of WikiStart

Show
Ignore:
Timestamp:
01/27/14 11:55:54 (10 years ago)
Author:
smagi
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • WikiStart

    v7 v8  
    161161Here we use the default ASP.NET session id which is stored in cookies to ensure that users can't inadvertently leak their private URL. 
    162162 
    163 == {{{Page.OnPreInit}} == 
     163== {{{Page.OnPreInit}}} == 
    164164 
    165165The last step is to add continuation validation at some point in the page lifecycle. Clavis checks that all the protected parameters hash to the same HMAC value as specified in the URL. If they don't, an exception was thrown indicating that a protected parameter was incorrectly changed. I typically do this in Page.OnPreInit in a custom System.Web.Page base class: