Exemple #1
0
        // methods

        /// <summary>
        /// Check the csrf token name and value in the current asp.net session and create one if not existing already
        /// </summary>
        private void SetupCSRFTokenNameAndValue()
        {
            Token newToken = new RandomToken();

            // If no token yet, this is the first request so set one to be used on the response and then set the flag to indicate checking is not required
            if (CsrfTokenValue == null)
            {
                CsrfTokenValue = newToken.Value;
                _skipDetect    = true;
            }

            if (CsrfTokenName == null)
            {
                if (App.Configuration.UseRandomCSRFTokenName)
                {
                    CsrfTokenName = newToken.Name;
                }
                else
                {
                    if (App.Configuration.staticCSRFTokenName != null)
                    {
                        newToken.Name = App.Configuration.staticCSRFTokenName;
                        CsrfTokenName = newToken.Name;
                    }
                }
            }
        }
        // methods
        /// <summary>
        /// Check the csrf token name and value in the current asp.net session and create one if not existing already
        /// </summary>
        private void SetupCSRFTokenNameAndValue()
        {
            Token newToken = new RandomToken();
            // If no token yet, this is the first request so set one to be used on the response and then set the flag to indicate checking is not required
            if (CsrfTokenValue == null)
            {
                CsrfTokenValue = newToken.Value;
                _skipDetect = true;
            }

            if (CsrfTokenName == null)
            {
                if (App.Configuration.UseRandomCSRFTokenName)
                {
                    CsrfTokenName = newToken.Name;
                }
                else
                {
                    if (App.Configuration.staticCSRFTokenName != null)
                    {
                        newToken.Name = App.Configuration.staticCSRFTokenName;
                        CsrfTokenName = newToken.Name;
                    }
                }
            }
        }