a500a93dfb
Adds the concept of an IAntiforgeryPolicy marker interface as well as the ability to overide policy with a 'closer' filter. Adds a new [IgnoreAntiforgeryToken] attribute for overriding a scoped antiforgery policy. Adds a new [AutoValidateAntiforgeryToken] attribute (good name tbd) for applying an application-wide antiforgery token. The idea is that you can configure this as a global filter if your site is acting as a pure browser-based or 1st party SPA. This new attribute only validates the token for unsafe HTTP methods, so you can apply it broadly. |
||
|---|---|---|
| .. | ||
| Microsoft.AspNet.Mvc.Abstractions.Test | ||
| Microsoft.AspNet.Mvc.ApiExplorer.Test | ||
| Microsoft.AspNet.Mvc.Core.Test | ||
| Microsoft.AspNet.Mvc.Cors.Test | ||
| Microsoft.AspNet.Mvc.DataAnnotations.Test | ||
| Microsoft.AspNet.Mvc.Formatters.Json.Test | ||
| Microsoft.AspNet.Mvc.Formatters.Xml.Test | ||
| Microsoft.AspNet.Mvc.FunctionalTests | ||
| Microsoft.AspNet.Mvc.IntegrationTests | ||
| Microsoft.AspNet.Mvc.Localization.Test | ||
| Microsoft.AspNet.Mvc.Razor.Host.Test | ||
| Microsoft.AspNet.Mvc.Razor.Test | ||
| Microsoft.AspNet.Mvc.TagHelpers.Test | ||
| Microsoft.AspNet.Mvc.Test | ||
| Microsoft.AspNet.Mvc.TestCommon | ||
| Microsoft.AspNet.Mvc.TestDiagnosticListener.Sources | ||
| Microsoft.AspNet.Mvc.ViewFeatures.Test | ||
| Microsoft.AspNet.Mvc.WebApiCompatShimTest | ||
| WebSites | ||