
Commit e78d09c

author
Musa Demir
committed
update antiforgery
1 parent 3f73857 commit e78d09c


3 files changed

+18
-16
lines changed

Lines changed: 11 additions & 1 deletion
@@ -1,20 +1,30 @@
1+
using System.Threading.Tasks;
2+
using Abp.Web.Security.AntiForgery;
13
using Microsoft.AspNetCore.Antiforgery;
24
using AbpCompanyName.AbpProjectName.Controllers;
5+
using Microsoft.AspNetCore.Mvc;
36

47
namespace AbpCompanyName.AbpProjectName.Web.Host.Controllers
58
{
69
public class AntiForgeryController : AbpProjectNameControllerBase
710
{
811
private readonly IAntiforgery _antiforgery;
12+
private readonly IAbpAntiForgeryManager _antiForgeryManager;
913

10-
public AntiForgeryController(IAntiforgery antiforgery)
14+
public AntiForgeryController(IAntiforgery antiforgery, IAbpAntiForgeryManager antiForgeryManager)
1115
{
1216
_antiforgery = antiforgery;
17+
_antiForgeryManager = antiForgeryManager;
1318
}
1419

1520
public void GetToken()
1621
{
1722
_antiforgery.SetCookieTokenAndHeader(HttpContext);
1823
}
24+
25+
public void SetCookie()
26+
{
27+
_antiForgeryManager.SetCookie(HttpContext);
28+
}
1929
}
2030
}
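Review bot: `SetCookie()` (like the existing `GetToken()`) carries no HTTP-verb attribute, so through the conventional `{controller=Home}/{action=Index}/{id?}` route mapped in `Startup.cs` it answers every method even though the Swagger page only sends a GET; mark it `[HttpGet]`, which is probably what the added `using Microsoft.AspNetCore.Mvc;` was for. A response whose only purpose is a `Set-Cookie` carrying a token should also not be stored by intermediaries, so consider `[ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]` unless `IAbpAntiForgeryManager.SetCookie` already sets cache headers (not visible here). `using System.Threading.Tasks;` is unused in the file as shown. A one-line `///` summary stating that the action issues the anti-forgery cookie for the Swagger UI, replacing the middleware removed from `Startup.cs`, would document why it exists.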

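--- a/aspnet-core/src/AbpCompanyName.AbpProjectName.Web.Host/Startup/Startup.cs
+++ b/aspnet-core/src/AbpCompanyName.AbpProjectName.Web.Host/Startup/Startup.cs
@@ -121,21 +121,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerFactory)
 endpoints.MapControllerRoute("default", "{controller=Home}/{action=Index}/{id?}");
 endpoints.MapControllerRoute("defaultWithArea", "{area}/{controller=Home}/{action=Index}/{id?}");
 });
-
-// Swagger anti forgery
-app.Use(async (context, next) =>
-{
-const string swaggerRoutePrefix = "swagger";
-
-if (context.Request.Method == "GET" &&
-context.Request.Path.HasValue &&
-context.Request.Path.Value.StartsWith(swaggerRoutePrefix.EnsureStartsWith('/')))
-{
-context.RequestServices.GetRequiredService<IAbpAntiForgeryManager>().SetCookie(context);
-}
-
-await next.Invoke();
-});
+
 // Enable middleware to serve generated Swagger as a JSON endpoint
 app.UseSwagger();
 // Enable middleware to serve swagger-ui assets (HTML, JS, CSS etc.)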

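--- a/aspnet-core/src/AbpCompanyName.AbpProjectName.Web.Host/wwwroot/swagger/ui/index.html
+++ b/aspnet-core/src/AbpCompanyName.AbpProjectName.Web.Host/wwwroot/swagger/ui/index.html
@@ -70,8 +70,14 @@
 <script src="swagger-ui-standalone-preset.js"></script>
 <script src="ui/abp.js"></script>
 <script src="ui/abp.swagger.js"></script>
+
 <script>
 window.onload = function () {
+if (!abp.security.antiForgery.getToken()) {
+fetch("/antiforgery/SetCookie")
+.then(data => { });
+}
+
 var configObject = JSON.parse('%(ConfigObject)');
 
 // Apply mandatory parameters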
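Review bot: The `fetch("/antiforgery/SetCookie")` call added at the top of `window.onload` is fire-and-forget: the empty `.then(data => { })` ignores the response and there is no `.catch`, so if the endpoint fails the cookie is never set and later Swagger calls that need the token are rejected with no hint why. Check the status and surface failures, e.g. `.then(r => { if (!r.ok) console.warn("antiforgery cookie request failed: " + r.status); }).catch(e => console.warn(e));`. The UI setup that follows does not wait for this request, so a call made before it completes presumably still goes out without a token, which the removed server-side middleware avoided by setting the cookie on the page request itself. The root-absolute URL will also miss the controller if the host is served under a path base, whereas the script tags above use relative paths. The `window.onload` handler continues past the end of the hunk.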
