/// <summary>
/// Enables the antiforgery script that will inject
/// the hidden token field in html body. This is highly experimental.
/// </summary>
/// <param name="builder"></param>
/// <param name="options">Optional routine for setting up script options.</param>
/// <returns></returns>
public static IApplicationBuilder UseAntiforgeryScript(
this IApplicationBuilder builder,
Action <AntiforgeryScriptOptions> configureOptions = null)
{
var options = new AntiforgeryScriptOptions();
configureOptions?.Invoke(options);
return(builder.Map(options.RequestPath, app => app.UseMiddleware <AntiforgeryScriptMiddleware>(options)));
}
public AntiforgeryScriptMiddleware(RequestDelegate _,
AntiforgeryScriptOptions scriptOptions,
IAntiforgery antiforgery,
IOptions <AntiforgeryOptions> options,
IServiceProvider serviceProvider)
{
_scriptOptions = scriptOptions;
_antiforgery = antiforgery;
_antiforgeryOptions = options;
_serviceProvider = serviceProvider;
}
