CSRF prevention in Hangfire

dashboard
Tags: #<Tag:0x00007f788c7d04e0>

#1

How to protect Hangfire UI from CSRF attack ? Is there any way to send custom HTTP header in order to use “double submit cookie” method ?


#2

@tt.pp thanks for reporting this! A new version was released ASAP to have a protection against CSRF attacks by using antiforgery tokens, please see Hangfire 1.6.20 blog post to learn how to use the protection.