- Roslyn currently has an issue where too large of strings result in out of memory exceptions at compile time. To combat this I broke down literal strings into 1024 length pieces each resulting in their own `WriteLiteral`/`WriteLiteralTo` calls. The 1024 number corresponds directly with MVCs response string buffer.
- Added tests to validate large string rendering.
#614
Adds the concept of an IAntiforgeryPolicy marker interface as well as
the ability to overide policy with a 'closer' filter.
Adds a new [IgnoreAntiforgeryToken] attribute for overriding a scoped
antiforgery policy.
Adds a new [AutoValidateAntiforgeryToken] attribute (good name tbd) for
applying an application-wide antiforgery token. The idea is that you can
configure this as a global filter if your site is acting as a pure
browser-based or 1st party SPA. This new attribute only validates the
token for unsafe HTTP methods, so you can apply it broadly.
- #557
- use `int.ToString(CultureInfo.InvariantCulture)` consistently in `CSharpCodeWriter` / `CSharpCodeVisitor`
- correct `string` operations to use explicit `StringComparison.Ordinal`
- improve `RazorEditorParser` doc comments
nits:
- remove one-off use of `CurrentUICulture` in `LineMapping` debug code (`ToString()` implementation)
- clean a bit of #YOLO wrapping and long lines
- Check MVC services once at startup
- Make action selector sync
We've never really had a scenario for the action selector being async, it
just ended up that way. None of our extensibility here lets you do
anything async without replacing it wholesale, which we don't
recommend.
Replaces a bunch of dictionary operations with indexing into an array by
doing some caching. Also eliminating an enumerator allocation by changing
from IReadOnlyDictionary to RouteValueDictionary.
- No need to set the authenticationType in the Authorize_ShouldAllowIfClaimIsPresent unit test, since we already have another unit test for these functionality.
- Specified the authentication scheme of the authorization policy in the Authorize_ShouldAllowIfClaimIsPresentWithSpecifiedAuthType unit test