Join the Conversation

4 Comments

  1. <a href=”data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K#”>Continue</a>

    <img src='x' onerror=alert('xss');>

  2. I figured it out, the ClaimsPrincipal.Current wasn't set yet, by accessing the context user directly it worked:

      if (!context.Authentication.User.Identity.IsAuthenticated)

  3. Thanks for the example, however I keep getting redirected to the login page. during the OnAuthenticated I am the right user, but then I'm redirected to the Original page and I lose the authentication.

    Any tips?