Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
class Duende.IdentityServer.Configuration.ValidationOptions
Assembly: Duende.IdentityServer
Inheritance: object → ValidationOptions
Settings that control redirect URI validation behavior for the authorize and end-session endpoints.
Properties
public
System.Collections.Generic.ICollection<string>
InvalidRedirectUriPrefixes
Gets URI scheme prefixes that are never accepted as custom URI schemes in the
<c>redirect_uri</c> parameter of the authorize endpoint or the
<c>post_logout_redirect_uri</c> parameter of the end-session endpoint.
Remarks Defaults to <c>javascript:</c> , <c>file:</c> , <c>data:</c> , <c>mailto:</c> ,
<c>ftp:</c> , <c>blob:</c> , <c>about:</c> , <c>ssh:</c> , <c>tel:</c> ,
<c>view-source:</c> , <c>ws:</c> , and <c>wss:</c> . These schemes are blocked because
they can be exploited for open redirect or cross-site scripting attacks.
Methods
public
bool
Equals(object obj)
Inherited from object
protected
void
Finalize()
Inherited from object
public
int
GetHashCode()
Inherited from object
protected
object
MemberwiseClone()
Inherited from object
public
string
ToString()
Inherited from object