Don't like ads? PRO users don't see any ads ;-)
ValidateAntiForgeryTokenWrapperAttribute
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Web;
- using System.Web.Mvc;
- namespace System.Web.Mvc {
- /// <summary>
- /// Wraps <see cref="ValidateAntiForgeryToken"/> to allow attribute to be placed once on the controller class instead on each specific post action
- /// </summary>
- [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method,AllowMultiple = false,Inherited = true)]
- public class ValidateAntiForgeryTokenWrapperAttribute:FilterAttribute,IAuthorizationFilter {
- private readonly ValidateAntiForgeryTokenAttribute _validator;
- public AcceptVerbsAttribute Verbs { get; set; }
- public string Salt { get; set; }
- public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs)
- : this(verbs,null) {
- }
- public ValidateAntiForgeryTokenWrapperAttribute(string salt)
- : this(HttpVerbs.Post,salt) {
- }
- public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs,string salt) {
- this.Verbs = new AcceptVerbsAttribute(verbs);
- this.Salt = salt;
- this._validator = new ValidateAntiForgeryTokenAttribute() {
- Salt = salt
- };
- }
- public void OnAuthorization(AuthorizationContext filterContext) {
- string httpMethodOverride = filterContext.HttpContext.Request.GetHttpMethodOverride();
- if(this.Verbs.Verbs.Contains(httpMethodOverride,StringComparer.OrdinalIgnoreCase)) {
- this._validator.OnAuthorization(filterContext);
- }
- }
- }
- }
create a new version of this paste
RAW Paste Data