a500a93dfb
Adds the concept of an IAntiforgeryPolicy marker interface as well as the ability to overide policy with a 'closer' filter. Adds a new [IgnoreAntiforgeryToken] attribute for overriding a scoped antiforgery policy. Adds a new [AutoValidateAntiforgeryToken] attribute (good name tbd) for applying an application-wide antiforgery token. The idea is that you can configure this as a global filter if your site is acting as a pure browser-based or 1st party SPA. This new attribute only validates the token for unsafe HTTP methods, so you can apply it broadly. |
||
|---|---|---|
| .. | ||
| Buffer | ||
| Internal | ||
| Properties | ||
| Rendering | ||
| ViewComponents | ||
| ViewEngines | ||
| ViewFeatures | ||
| ControllerTest.cs | ||
| ControllerUnitTestabilityTests.cs | ||
| Microsoft.AspNet.Mvc.ViewFeatures.Test.xproj | ||
| ModelStateDictionaryExtensionsTest.cs | ||
| PartialViewResultTest.cs | ||
| RemoteAttributeTest.cs | ||
| Resources.resx | ||
| SkipStatusCodePagesAttributeTest.cs | ||
| TestViewBufferScope.cs | ||
| ViewComponentResultTest.cs | ||
| ViewComponentTests.cs | ||
| ViewResultTest.cs | ||
| project.json | ||