cloudflare | abp

Cloudflare and AspNet Boilerplate

If you are facing any issue which involves cloudflare and request with header contains "dot", have a look.

Abhith RajanJuly 18, 2020 · 2 min read · Last Updated:

I am an early adopter of aspnetboilerplate. I learned AngularJS as part of developing aspnetboilerplate project and it all started by reading an awesome blog post Introduction to ASP.NET Boilerplate by Halil ibrahim Kalkan. Since then I always recommended using the paid aspnetzero template for all the major projects in my workplace. And I used the free aspnetboilerplate template for some of the projects including my side project, piggyvault, a family finance management app, and its APIs is built on aspnetboilerplate.

Similarly, I use Cloudflare for most of the hosted websites as a firewall-cum-CDN. Recently after hosting the aspnetboilerplate project on SmarterASP.net, I started to face a login issue where it was working fine on local (as always 😆). The traffic to the PROD app was routed via Cloudflare.

Later the troubleshooting journey ended up here.

Cloudflare strips any header that contains dots (.) from origin web server responses. For example, the origin web server header test.header:data is removed by Cloudflare’s proxy.

By default, ABP uses Abp.TenantId header as the TenantIdResolveKey, and Cloudflare strips it resulting in null value always. Thankfully, aspnetboilerplate provides an option to change the TenantIdResolveKey. To change,

In the CoreModule,

1// Enable this line to create a multi-tenant application.
2Configuration.MultiTenancy.IsEnabled = PiggyvaultConsts.MultiTenancyEnabled;
3Configuration.MultiTenancy.TenantIdResolveKey = "Piggy-TenantId"; // your key without "."

It resolved the login issue.

Additional Resources

Written by Abhith Rajan
Abhith Rajan is an aspiring software engineer with more than 7 years of experience and proven successful track record of delivering technology-based products and services.
Buy me a coffee

Was this article helpful?

Your opinion matters

Please share your thought about this article

This page is open source. Noticed a typo? Or something unclear?
Improve this page on GitHub