huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
64 Commits 1 Branch 0 Tags 251 MiB
C# 84.1%
JavaScript 7.1%
C++ 2.9%
HTML 2.5%
TypeScript 1.3%
Other 1.9%
Go to file
Ryan Nowak 3280ff6ac5 Add Header support 
This change adds support for retrieving an antiforgery CSRF token via a
configurable header in addition to the form field. This helps with doing
ajax requests in a 1st-party SPA when using cookie auth, and is similar to
functionality provided by a bunch of different frameworks.

In this change there's also a bunch of churn due to avoiding the term
'form' in favor of 'request' and 'session' in favor of 'cookie'. Where
code and error message now mention 'form' they specifically mean
form-encoded content.
 		2015-12-15 14:18:09 -08:00
samples/AntiforgerySample Add Header support 2015-12-15 14:18:09 -08:00
src/Microsoft.AspNet.Antiforgery Add Header support 2015-12-15 14:18:09 -08:00
test/Microsoft.AspNet.Antiforgery.Test Add Header support 2015-12-15 14:18:09 -08:00
tools Strong name Microsoft.AspNet.Antiforgery. 2015-11-03 12:51:41 -08:00
.gitattributes
.gitignore Ignore `launchSettings.json` files 2015-11-24 15:31:27 -08:00
.travis.yml Enabling CoreCLR tests on Travis 2015-12-01 11:02:49 -08:00
Antiforgery.sln
CONTRIBUTING.md
LICENSE.txt
NuGet.config Updating to release NuGet.config. 2015-10-28 12:43:08 -07:00
NuGetPackageVerifier.json
README.md
appveyor.yml
build.cmd Fix local build break 2015-10-12 12:47:15 -07:00
build.sh
global.json
makefile.shade

README.md

Antiforgery

AppVeyor: AppVeyor

Travis: Travis

Antiforgery system for generating secure tokens to prevent Cross-Site Request Forgery attacks.

This project is part of ASP.NET 5. You can find samples, documentation and getting started instructions for ASP.NET 5 at the Home repo.