Add a test where [Ignore..] gets overridden
Fixing a small gap in our AF functional tests.
This commit is contained in:
parent
7b2a4ff465
commit
ca6c76c358
|
|
@ -51,5 +51,15 @@ namespace Microsoft.AspNetCore.Mvc.FunctionalTests
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
|
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task AntiforgeryOverridesIgnoreAntiforgery()
|
||||||
|
{
|
||||||
|
// Arrange & Act
|
||||||
|
var response = await Client.PostAsync("http://localhost/IgnoreAntiforgery/Index", content: null);
|
||||||
|
|
||||||
|
// Assert
|
||||||
|
Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
|
||||||
namespace AjaxAntiForgeryValidation.Controllers
|
namespace SecurityWebSite.Controllers
|
||||||
{
|
{
|
||||||
[AutoValidateAntiforgeryToken]
|
[AutoValidateAntiforgeryToken]
|
||||||
public class AntiforgeryController : Controller
|
public class AntiforgeryController : Controller
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,18 @@
|
||||||
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
|
||||||
|
namespace SecurityWebSite.Controllers
|
||||||
|
{
|
||||||
|
[IgnoreAntiforgeryToken]
|
||||||
|
public class IgnoreAntiforgeryController : Controller
|
||||||
|
{
|
||||||
|
[HttpPost]
|
||||||
|
[ValidateAntiForgeryToken]
|
||||||
|
public IActionResult Index()
|
||||||
|
{
|
||||||
|
return Content("Ok");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue