CheckFormId: Boolean
When TRUE, IntraWeb will generate a unique FormId hidden field for each IWForm instance. This ID is then checked when the form processes a request.
CheckSameIP: Boolean
Will raise an EIWSecurityException if a different IP is used in a subsequent request using the same Session ID. Default True.
CheckSameUA: Boolean
Will raise an EIWSecurityException if a different user agent string is used in a subsequent request using the same Session ID. Default True.
CorsOrigin: string
Introduced: 15.0.21
Controls CORS (Cross-origin resource sharing) settings for your application. The values can be:
- ” – CORS is disabled (default)
- * – Any site can reference or embed your application. As * is not a valid value when cookies exist, IntraWeb will dynamically adjust the header on the fly to allow the same usage as *.
- value – Value will be passed unchanged back to the browser. Typically the value is a site or domain such as http://www.atozed.com which would restrict referencing and usage to www.atozed.com as the origin.
Blog post introducing CorsOrigin.
PreventDoubleSubmission: Boolean
RandomTempFileNames: Boolean
ShowSecurityErrorDetails: Boolean
If false, will omit the error message when one of the above checks fails. Default True.