huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
64 Commits 1 Branch 0 Tags 251 MiB
Commit Graph

64 Commits

Author SHA1 Message Date
Ryan Nowak 3280ff6ac5 Add Header support 
This change adds support for retrieving an antiforgery CSRF token via a
configurable header in addition to the form field. This helps with doing
ajax requests in a 1st-party SPA when using cookie auth, and is similar to
functionality provided by a bunch of different frameworks.

In this change there's also a bunch of churn due to avoiding the term
'form' in favor of 'request' and 'session' in favor of 'cookie'. Where
code and error message now mention 'form' they specifically mean
form-encoded content.
 2015-12-15 14:18:09 -08:00
Pranav K b69aef3c51 Merge branch 'release' into dev 2015-12-11 12:23:48 -08:00
Pranav K 86795ab1b6 Updating to release NuGet.config. 2015-12-11 12:23:45 -08:00
Pranav K 463e8f9473 React to HtmlAbstractions namespace rename 2015-12-02 10:30:01 -08:00
Pranav K daf16ad184 Enabling CoreCLR tests on Travis 2015-12-01 11:02:49 -08:00
Doug Bunting 6a9b38db77 Return an `IHtmlContent` from `IAntiforgery.GetHtml()` 
- part of aspnet/Mvc#3123
- no longer forces caller to wrap the return value in an `HtmlString`

nit: don't HTML encode the word "hidden"
 2015-11-25 09:44:54 -08:00
Doug Bunting 78face48d0 Ignore `launchSettings.json` files 2015-11-24 15:31:27 -08:00
Pranav K 130e8f0398 Updating tests to use moq.netcore 2015-11-23 11:39:40 -08:00
Hao Kung e2632d47f0 React to DataProtection changes 2015-11-17 14:08:22 -08:00
Doug Bunting 4c74e08bf1 Move Travis to supported Linux distribution 
- use Ubuntu 14.04 (Trusty)
  - Travis support for Trusty is in Beta and currently requires `sudo`
- run `dnu restore` with DNX Core since aspnet/External#49 is not fixed in Mono versions we can use
- add required dependencies for DNX Core to `.travis.yml`
- addresses part of aspnet/Universe#290
 2015-11-17 12:26:08 -08:00
Doug Bunting 42d6166b61 Explicitly choose Mono 4.0.5 
- avoids future problems related to aspnet/External#48
  - e.g. when Travis updates default Mono version in `csharp` bundle
 2015-11-17 10:49:09 -08:00
Pranav K 1c39930b16 Reacting to DependencyInjection changes 2015-11-13 10:33:23 -08:00
ryanbrandenburg c82ac5e61f * Return old cookie token 2015-11-12 11:52:39 -08:00
Cesar Blum Silveira ff3c8023a0 Merge branch 'release' into dev 2015-11-03 13:34:38 -08:00
Cesar Blum Silveira 391086e3ce Strong name Microsoft.AspNet.Antiforgery. 2015-11-03 12:51:41 -08:00
Chris R 7edbabd498 React to Http.Abstractions changes. 2015-11-03 10:15:23 -08:00
Chris R 84cfe5640d React to WebEncoders changes. 2015-10-30 11:45:48 -07:00
Pranav K ebcaeadf64 Merge branch 'release' into dev 2015-10-28 12:51:04 -07:00
Pranav K e49daaa980 Updating to release NuGet.config. 2015-10-28 12:43:08 -07:00
Pranav K c7dc5ab7f0 Switching to generations TFMs 2015-10-22 00:23:06 -07:00
Doug Bunting e925bb1b3a Fix local build break 2015-10-12 12:47:15 -07:00
Doug Bunting c0517a2815 React to aspnet/Universe#290 fix 2015-10-08 19:44:57 -07:00
Pranav K 7a0068ede2 Renaming Microsoft.Framework.* -> Microsoft.Extensions.* 2015-10-03 15:44:46 -07:00
N. Taylor Mullen c555131eaa Update 'build.cmd' alias parameter to use full name. 2015-10-01 11:58:29 -07:00
Pranav K 1bf932f403 Merge branch 'release' into dev 2015-09-28 23:15:45 -07:00
Pranav K c5a16b3a51 Updating to release NuGet.config. 2015-09-28 23:15:43 -07:00
Ajay Bhargav Baaskaran 90539dc489 Enabling NuGetPackageVerifier 2015-09-22 15:33:36 -07:00
N. Taylor Mullen 5392f41746 Update nuget.exe and corresponding feeds to v3. 2015-09-17 18:33:14 -07:00
Pranav K e0ec2da711 Replacing NotNull with thrown exceptions 2015-09-11 17:07:52 -07:00
Pranav K 3240ef37e1 Adding NeutralResourcesLanguageAttribute 2015-09-10 16:25:41 -07:00
David Fowler 6bc4a40926 Setup ci stuff 2015-09-04 01:33:47 -07:00
Hao Kung 83ea8051c8 Update test 2015-09-02 15:44:39 -07:00
Hao Kung f5c8bf09e2 React to options 2015-09-02 15:28:52 -07:00
Chris R 7bb59a287c React to string[] -> StringValues changes. 2015-08-28 14:23:17 -07:00
N. Taylor Mullen 2a7dcea266 Update 'build.sh' to pull Sake from v2 NuGet feed. 2015-08-20 20:46:58 -07:00
N. Taylor Mullen ed367df5bc Update 'build.cmd' to pull Sake from v2 NuGet feed. 2015-08-20 15:38:10 -07:00
N. Taylor Mullen 7cbbbd9b60 Update NuGet feed from v2 => v3. 2015-08-19 14:54:37 -07:00
Pranav K 8a19c4e805 Updating to aspnetlitedev. 2015-08-18 14:00:24 -07:00
Pranav K 3ec97f57ca Merge branch 'release' into dev 2015-08-18 14:00:23 -07:00
Pranav K a89c269a06 Updating to aspnetliterelease. 2015-08-18 14:00:23 -07:00
Pranav K b0a55ebd36 Merge branch 'release' into dev 2015-08-17 14:48:59 -07:00
Pranav K cadf2f8f71 Updating to release NuGet.config. 2015-08-17 14:48:57 -07:00
Kiran Challa 98c3f181dc Enable pinning build script 2015-08-11 16:54:52 -07:00
Chris R 87d4033226 #10 React to CoreCLR Cryptography pacakge changes, remove transitive dependencies. 2015-08-11 14:29:37 -07:00
Pranav K 3bed6fce9c Reacting to DI changes 2015-08-11 12:53:18 -07:00
unknown b922d816be Fix aspnet/Mvc#2749 - fail gracefully with non-form content 
This change will report a more specific error when antiforgery is used
with non-form content than "invalid content type".
 2015-08-06 10:29:16 -07:00
Ryan Nowak 9bcecf3994 Fix #5 - better error message for missing tokens 
This fix changes the model for error messaging in antiforgery. Now only
the token store will report a detailed error message including the names
of form field and cookie. Other components will give more generic errors
and assume that this was handled by the token store.

This way you still see an error if the user creates a token store that
doesn't throw, but it's a generic error that doesn't give incorrect
information.
 2015-08-06 08:48:47 -07:00
Troy Dai fbe9dc58e8 Update CoreCLR versions 2015-08-04 10:15:20 -07:00
Pranav K 30868049dd Merge branch 'release' into dev 2015-07-16 08:57:56 -07:00
Pranav K 468e64d3ad Updating to release NuGet.config 2015-07-16 08:57:52 -07:00