73695fc443
- #23 part 3 - `Get[AndStore]Tokens()` would deserialize cookie token from request even if `IsRequestValidAsync()` already had - `GetAndStoreTokens()` serialized an old (never saved) cookie token once and a new one twice - refactor serialization from `DefaultAntiforgeryTokenStore` to `DefaultAntiforgery` - divide responsibilities and ease overall fix - above refactoring took `IAntiforgeryContextAccessor` responsibilities along to `DefaultAntiforgery` as well - store all tokens in `IAntiforgeryContextAccessor` to avoid repeated (de)serializations - remove `AntiforgeryTokenSetInternal` nits: - bit more parameter renaming to `httpContext` - remove argument checks in helper methods - did _not_ do a sweep through the repo; just files in this PR |
||
|---|---|---|
| samples/AntiforgerySample | ||
| src/Microsoft.AspNetCore.Antiforgery | ||
| test | ||
| tools | ||
| .bowerrc | ||
| .gitattributes | ||
| .gitignore | ||
| .travis.yml | ||
| Antiforgery.sln | ||
| CONTRIBUTING.md | ||
| LICENSE.txt | ||
| NuGet.config | ||
| NuGetPackageVerifier.json | ||
| README.md | ||
| appveyor.yml | ||
| build.cmd | ||
| build.sh | ||
| global.json | ||
| makefile.shade | ||
README.md
Antiforgery
AppVeyor:
Travis: 
Antiforgery system for generating secure tokens to prevent Cross-Site Request Forgery attacks.
This project is part of ASP.NET 5. You can find samples, documentation and getting started instructions for ASP.NET 5 at the Home repo.