Skip to content

davidgruar/GlobalFilterDemo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

Controllers

Controllers

 
 

Models

Models

 
 

Views

Views

 
 

.gitignore

.gitignore

 
 

GlobalFilterDemo.csproj

GlobalFilterDemo.csproj

 
 

Program.cs

Program.cs

 
 

README.md

README.md

 
 

Startup.cs

Startup.cs

 
 

Repository files navigation

This app consists of a single page with two forms. The first form uses the <form> tag helper, which includes an anti-forgery token in the request body; the second form uses a raw HTML <form> element, which doesn't. Submitting the first form successfully reloads the page; submitting the second form results in a 400 Bad Request.

If you change this line in Startup.cs:

options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());

to this:

options.Filters.Add(typeof(AutoValidateAntiforgeryTokenAttribute));

the anti-forgery validation doesn't take effect.

About

Repro of issue with global filters in ASP.NET Core

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages