public AntiForgeryMvcFilter(IInfrastructureAntiForgeryManager AntiForgeryManager, IMvcConfiguration mvcConfiguration, IAntiForgeryWebConfiguration antiForgeryWebConfiguration)
{
_AntiForgeryManager = AntiForgeryManager;
_mvcConfiguration = mvcConfiguration;
_antiForgeryWebConfiguration = antiForgeryWebConfiguration;
Logger = NullLogger.Instance;
}
public InfrastructureAntiForgeryApiFilter(
IInfrastructureAntiForgeryManager InfrastructureAntiForgeryManager,
IInfrastructureWebApiConfiguration webApiConfiguration,
IAntiForgeryWebConfiguration antiForgeryWebConfiguration)
{
_InfrastructureAntiForgeryManager = InfrastructureAntiForgeryManager;
_webApiConfiguration = webApiConfiguration;
_antiForgeryWebConfiguration = antiForgeryWebConfiguration;
Logger = NullLogger.Instance;
}
public static bool ShouldValidate(this IInfrastructureAntiForgeryManager manager, IAntiForgeryWebConfiguration antiForgeryWebConfiguration, MethodInfo methodInfo, HttpVerb httpVerb, bool defaultValue)
{
if (!antiForgeryWebConfiguration.IsEnabled)
{
return(false);
}
if (methodInfo.IsDefined(typeof(ValidateAntiForgeryTokenAttribute), true))
{
return(true);
}
if (ReflectionHelper.GetSingleAttributeOfMemberOrDeclaringTypeOrDefault <DisableAntiForgeryTokenValidationAttribute>(methodInfo) != null)
{
return(false);
}
if (antiForgeryWebConfiguration.IgnoredHttpVerbs.Contains(httpVerb))
{
return(false);
}
if (methodInfo.DeclaringType?.IsDefined(typeof(ValidateAntiForgeryTokenAttribute), true) ?? false)
{
return(true);
}
return(defaultValue);
}
public WebModuleConfiguration(IAntiForgeryWebConfiguration antiForgery, IWebLocalizationConfiguration localization)
{
AntiForgery = antiForgery;
Localization = localization;
}
