Activities of "Rajasekhar"

• ABP Framework version: v5.0.0
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC): yes
• Exception message and stack trace:
• Steps to reproduce the issue:"

How to create access_token and refresh token manually by using identity server

• ABP Framework version: v5.0.0
• UI type: MVC
• DB provider: EF Core
• **Tiered (MVC) **: yes
• Exception message and stack trace:
• Steps to reproduce the issue:"

Is API based authentication exist? apart from openid

• ABP Framework version: v5.0.0
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC) or Identity Server Separated (Angular): no
• Exception message and stack trace:
• Steps to reproduce the issue:"

We have deployed the ABP application for security testing and we have got CSP header missing Vulnerability

Please let us know how to configure the sever to return Content Security Policy HTTP header.

I want to encrypt this(https://example.com/Abp/ServiceProxyScript) for security reasons is it possible

• ABP Framework version: v4.4.2
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC): no
• Exception message and stack trace: As observed that, application disclose application configuration file to end user.
• Steps to reproduce the issue:" As observed that, application disclose application configuration file to end user.

https://example.com/Abp/ApplicationConfigurationScript

Shall I encrypt this https://example.com/Abp/ServiceProxyScript

• ABP Framework version: v4.4.2
• UI type: MVC
• DB provider: EF Core
• Tiered (MVC): no
• Exception message and stack trace: Sensitive API end points like account-admin revealed in sourcecode
• Steps to reproduce the issue:"