/// <summary>
/// Produces the serialized form token paired with this application's
/// anti-forgery cookie, issuing a fresh cookie when the request carries none.
/// </summary>
/// <param name="helper">Helper whose <c>ViewContext.HttpContext</c> supplies the request, response and user.</param>
/// <param name="salt">Salt copied into the form token.</param>
/// <param name="domain">Value assigned to the new cookie's <c>Domain</c>; assigned as-is, including null.</param>
/// <param name="path">Value assigned to the new cookie's <c>Path</c>; skipped when null or empty.</param>
/// <returns>The serialized form token.</returns>
private static string GetAntiForgeryTokenAndSetCookie(this HtmlHelper helper, string salt, string domain, string path) {
    // The cookie name is derived from the application path of the current request.
    string tokenCookieName = AjaxAntiForgeryData.GetAntiForgeryTokenName(helper.ViewContext.HttpContext.Request.ApplicationPath);
    HttpCookie existingCookie = helper.ViewContext.HttpContext.Request.Cookies[tokenCookieName];

    AjaxAntiForgeryData cookieData;
    if (existingCookie == null) {
        // No cookie on the request: mint a token and send it back to the client.
        cookieData = AjaxAntiForgeryData.NewToken();

        // NOTE(review): HttpOnly keeps the cookie away from script, but Secure is
        // not set in this method, so nothing here restricts the cookie to HTTPS.
        // Confirm whether that is enforced by site-wide cookie configuration.
        HttpCookie issuedCookie = new HttpCookie(tokenCookieName, Serializer.Serialize(cookieData));
        issuedCookie.HttpOnly = true;
        issuedCookie.Domain = domain;
        if (!String.IsNullOrEmpty(path)) {
            issuedCookie.Path = path;
        }

        helper.ViewContext.HttpContext.Response.Cookies.Set(issuedCookie);
    }
    else {
        // NOTE(review): the cookie value is client-controlled. How
        // Serializer.Deserialize reacts to a malformed or tampered value is not
        // visible here; any failure propagates out of this method unhandled.
        cookieData = Serializer.Deserialize(existingCookie.Value);
    }

    // The form token is built from the cookie token and additionally carries the
    // salt and the username resolved from the current principal.
    AjaxAntiForgeryData formData = new AjaxAntiForgeryData(cookieData);
    formData.Salt = salt;
    formData.Username = AjaxAntiForgeryData.GetUsername(helper.ViewContext.HttpContext.User);

    return Serializer.Serialize(formData);
}
/// <summary>
/// Checks that the salt carried by a form token equals this instance's <c>Salt</c>.
/// </summary>
/// <param name="token">Form token whose <c>Salt</c> is compared.</param>
/// <returns>True when both salts are equal under ordinal (case-sensitive) comparison.</returns>
private bool ValidateFormToken(AjaxAntiForgeryData token) {
    // NOTE(review): only the salt is examined in this method; any other token
    // field is presumably checked by the caller. Verify against the call site.
    string expectedSalt = Salt;
    string suppliedSalt = token.Salt;

    bool saltsMatch = String.Equals(expectedSalt, suppliedSalt, StringComparison.Ordinal);
    return saltsMatch;
}