When TRUE, IntraWeb will generate a unique FormId hidden field for each IWForm instance. This ID is then checked when the form processes a request.
Will raise an EIWSecurityException if a different IP is used in a subsequent request using the same Session ID. Default True.
Will raise an EIWSecurityException if a different user agent string is used in a subsequent request using the same Session ID. Default True.
Controls CORS (Cross-origin resource sharing) settings for your application. The values can be:
- ” – CORS is disabled (default)
- * – Any site can reference or embed your application. As * is not a valid value when cookies exist, IntraWeb will dynamically adjust the header on the fly to allow the same usage as *.
- value – Value will be passed unchanged back to the browser. Typically the value is a site or domain such as http://www.atozed.com which would restrict referencing and usage to www.atozed.com as the origin.
Blog post introducing CorsOrigin.
If false, will omit the error message when one of the above checks fails. Default True.