| blob | 68d05e5c276b9c254b3b47d3641223168ba07483 |
1 <?xml version="1.0" encoding="utf-8" ?>
2 <configuration>
3 <configSections>
4 <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth"/>
5 </configSections>
6 <dotNetOpenAuth>
7 <!-- The values here are carefully chosen to be somewhat weird so that tests can be
8 reasonably confident that if the values are the weird ones here that they did
9 indeed come from the config file and not from a programmatic default. -->
10 <messaging>
11 <untrustedWebRequest timeout="01:23:45" readWriteTimeout="01:23:56" maximumBytesToRead="500001" maximumRedirections="9">
12 <whitelistHosts>
13 <add name="evilButTrusted"/>
14 </whitelistHosts>
15 <whitelistHostsRegex>
16 <add name=".+trusted.+"/>
17 </whitelistHostsRegex>
18 <blacklistHosts>
19 <add name="positivelyevil"/>
20 </blacklistHosts>
21 <blacklistHostsRegex>
22 <add name=".+veryevil.+"/>
23 </blacklistHostsRegex>
24 </untrustedWebRequest>
25 </messaging>
26 <openid maxAuthenticationTime="8:17">
27 <relyingParty>
28 <!--<store type=""/>-->
29 <security minimumRequiredOpenIdVersion="V10" minimumHashBitLength="6" maximumHashBitLength="301" requireSsl="false"/>
30 </relyingParty>
31 <provider>
32 <!--<store type=""/>-->
33 <security protectDownlevelReplayAttacks="false" minimumHashBitLength="7" maximumHashBitLength="302">
34 <associations>
35 <add type="HMAC-SHA1" lifetime="2.00:00:02" />
36 <add type="HMAC-SHA256" lifetime="14.00:00:14" />
37 </associations>
38 </security>
39 </provider>
40 </openid>
41 </dotNetOpenAuth>
42 </configuration>