/// <summary> /// Enables the antiforgery script that will inject /// the hidden token field in html body. This is highly experimental. /// </summary> /// <param name="builder"></param> /// <param name="options">Optional routine for setting up script options.</param> /// <returns></returns> public static IApplicationBuilder UseAntiforgeryScript( this IApplicationBuilder builder, Action <AntiforgeryScriptOptions> configureOptions = null) { var options = new AntiforgeryScriptOptions(); configureOptions?.Invoke(options); return(builder.Map(options.RequestPath, app => app.UseMiddleware <AntiforgeryScriptMiddleware>(options))); }
public AntiforgeryScriptMiddleware(RequestDelegate _, AntiforgeryScriptOptions scriptOptions, IAntiforgery antiforgery, IOptions <AntiforgeryOptions> options, IServiceProvider serviceProvider) { _scriptOptions = scriptOptions; _antiforgery = antiforgery; _antiforgeryOptions = options; _serviceProvider = serviceProvider; }