{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Anthone 的问题《ASP.NET cookie replay fix without storing auth-tok》','https://www.manongdao.com/q-952916.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have introduced an audit table to store user login data (including auth-token) upon sign in/sign out and reading user status on each request to eliminate the asp.net cookie replay security issue.
This causes an increase in time taken for each request causing performance issues.
What are some other ways used to mitigate cookie replay attacks in asp.net?