public override IController CreateController(System.Web.Routing.RequestContext requestContext, string controllerName)
        {
            var parameters         = requestContext.HttpContext.Request.Params;
            var encryptedParamKeys = parameters.AllKeys.Where(x => x.StartsWith(_settings.EncryptionPrefix)).ToList();

            IRijndaelStringEncrypter decrypter = null;

            foreach (var key in encryptedParamKeys)
            {
                if (decrypter == null)
                {
                    decrypter = GetDecrypter(requestContext);
                }

                var oldKey   = key.Replace(_settings.EncryptionPrefix, string.Empty);
                var oldValue = decrypter.Decrypt(parameters[key]);
                if (requestContext.RouteData.Values[oldKey] != null)
                {
                    if (requestContext.RouteData.Values[oldKey].ToString() != oldValue)
                    {
                        throw new ApplicationException("Form values is modified!");
                    }
                }
                requestContext.RouteData.Values[oldKey] = oldValue;
            }

            if (decrypter != null)
            {
                decrypter.Dispose();
            }

            return(base.CreateController(requestContext, controllerName));
        }
        public override IController CreateController(RequestContext requestContext, string controllerName)
        {
            var routeData = requestContext.RouteData;

            if (routeData.Values.ContainsKey("MS_DirectRouteMatches"))
            {
                routeData = ((IEnumerable <RouteData>)routeData.Values["MS_DirectRouteMatches"]).First();
            }

            var parameters = requestContext.HttpContext.Request.Params;

            var encryptedParamKeys = new List <string>();

            if (parameters.AllKeys[0] != null)
            {
                encryptedParamKeys = parameters.AllKeys.Where(x => x.StartsWith(_settings.EncryptionPrefix)).ToList();
            }

            IRijndaelStringEncrypter decrypter = null;

            foreach (var key in encryptedParamKeys)
            {
                if (decrypter == null)
                {
                    decrypter = GetDecrypter(requestContext);
                }

                var oldKey   = key.Replace(_settings.EncryptionPrefix, string.Empty);
                var oldValue = decrypter.Decrypt(parameters[key]);
                if (routeData.Values[oldKey] != null)
                {
                    if (routeData.Values[oldKey].ToString() != oldValue)
                    {
                        throw new ApplicationException("Form values is modified!");
                    }
                }

                routeData.Values[oldKey] = oldValue;
            }

            decrypter?.Dispose();

            return(base.CreateController(requestContext, controllerName));
        }