SameSite is a 2016 extension to HTTP cookies intended to mitigate cross site request forgery (CSRF). The original design was an opt-in feature which could be used by adding a new SameSite property to cookies. It had two values, Lax and Strict. Setting the value to Lax indicated the cookie should be sent on navigation within the same site, or t
2018 sees the introduction of the General Data Protection Regulation, an EU framework to allow EU citizens to control, correct and delete their data, no matter where in the word it is held. In ASP.NET Core 2.1 Preview 1 we’ve added some features to the ASP.NET Core templates to allow you to meet some of your GDPR obligations, as well as a co
It's with a great deal of pleasure that I can announce an on-going bug bounty for .NET Core and ASP.NET Core, our cross platform runtime and web stack.
During the RC1 and RC2 bounty periods we received quite a few interesting, intriguing and even puzzling bugs which we've addressed. The RC 1 bounty included one report which prompted an entire
Now that you're all updated to RC2 I am pleased to announce a further 3 month bug bounty program for .NET Core and ASP.NET Core, our cross platform runtime and web stack. The program encompasses the RC2 and, should its release fall within the 3 months programme period, the RTM version. The bounty will run from 7th June 2016 till 7th Septembe
As we've now released RC1 of .NET Core and ASP.NET restrictions on areas for investigation are now lifted. The entire cross platform stack, including networking is now in scope and eligible for bounty submissions.The ASP.NET web site has instructions on how to install RC1 on Windows, Linux and OS X. Windows researchers can use Visual Stud