Open xt0rted opened 9 years ago
Similar to filtering form values it might be good to add a list of know values to exclude. The main ones that come to mind are
_nc
_ncfa
NCSRF
.AspNet.
__RequestVerificationToken
Similar to filtering form values it might be good to add a list of know values to exclude. The main ones that come to mind are
_nc- Nancy cookie based sessions_ncfa- Nancy forms authenticationNCSRF- Nancy csrf.AspNet.- MVC vNext authentication__RequestVerificationToken- MVC vNext csrf