158754ec5e
Merge branch 'release' into dev
2016-04-19 14:53:51 -07:00
9aad34e711
Use latest build of dotnet-test-xunit
2016-04-19 14:53:51 -07:00
3f9ceee4b1
Merge branch 'release' into dev
2016-04-18 17:07:38 -07:00
a35e5a02c3
Bring Microsoft.NETCore.Platforms dependency back
2016-04-18 17:07:34 -07:00
eabe83a72d
Prevent null-ref and log exceptions form Serializer
2016-04-18 15:55:27 -07:00
fd81151d31
Preserve X-Frame-Options if it was already set
2016-04-18 14:27:06 -07:00
6099dfa261
Merge branch 'release' into dev
2016-04-15 09:52:07 -07:00
8570acbb73
Migrate tests, tools and samples to portable
2016-04-15 09:51:51 -07:00
00875cf2df
Merge branch 'release' into dev
2016-04-11 10:15:01 -07:00
921af14e1f
Move web.config and use ANCM
2016-04-11 10:14:07 -07:00
64653cfa3c
Merge branch 'release' into dev
2016-04-08 15:05:19 -07:00
330200874d
Changed DNX451 references to NET451
2016-04-08 15:04:49 -07:00
df8264fce5
Merge branch 'release' into dev
2016-04-08 06:49:20 -07:00
04a4772fe5
Removing imports from src projects
2016-04-08 06:49:20 -07:00
4d7d8d2b20
Merge branch 'release' into dev
2016-04-06 09:47:44 -07:00
1e90efdf32
Updating to release.
2016-04-06 09:47:42 -07:00
37c8f5de70
Revert "Add antiforgery middleware"
...
This reverts commit 4629148519
2016-04-01 09:10:33 -07:00
fab3bfd237
Remove bower \ gulp from sample
2016-03-31 07:01:27 -07:00
65a2b8d25b
React to HttpAbstractions namespace changes
...
- aspnet/HttpAbstractions#549 and aspnet/HttpAbstractions#592
- clean up `using`s
2016-03-30 16:13:12 -07:00
d0ed4f8688
Reacting to Kestrel extensions
2016-03-30 15:54:02 -07:00
ea4b94a757
Add webhook notification
2016-03-30 10:27:16 -07:00
0bc42a9b21
Return IServiceCollection from AddAntiforgery extension methods
2016-03-28 14:59:24 -07:00
0c81df8591
An `ObjectPoolProvider` is always registered
...
- react to aspnet/Hosting/pull#673
2016-03-25 11:19:23 -07:00
c6f7a3434e
Fixed build
2016-03-25 10:50:06 -07:00
4d64c1849d
Reacting to Hosting changes
2016-03-24 12:01:19 -07:00
94cefde3ec
Make IAntiforgeryContextAccessor a Feature
2016-03-23 14:35:26 -07:00
c237f8989a
React to changes in DataProtection
2016-03-15 16:26:57 -07:00
ddde171fcb
Reacting to Hosting changes
2016-03-14 20:53:27 -07:00
33c91afbb2
Updated Json.Net version
2016-03-14 14:33:08 -07:00
162cb428cc
Fixing CI build failure
...
Removing unused npm references
2016-03-12 09:45:03 -08:00
a3f564e3d1
Fix backslashes in yml config.
...
[ci skip]
2016-03-09 17:44:49 -08:00
fb28bacda1
Target net451 so functional tests execute with xunit runner on linux
2016-03-09 17:21:05 -08:00
6f7b554496
Limit the branches that build on our public CI.
...
[ci skip]
2016-03-09 16:25:31 -08:00
42417a985e
Update the build scripts to the latest version
2016-03-07 20:55:02 -08:00
1d78d51cb1
Fix package metadata
2016-03-06 21:07:21 -08:00
91b955e080
Update cookie name
2016-03-03 22:48:13 -08:00
91f44549ac
Added Company, Copyright and Product attributes to AssemblyInfo
2016-03-03 17:33:26 -08:00
260f1b7db9
Remove project name from output path
...
- aspnet/Coherence-Signed#187
- remove `<RootNamespace>` settings but maintain other unique aspects e.g. `<DnxInvisibleContent ... />`
- in a few cases, standardize on VS version `14.0` and not something more specific
2016-03-02 15:21:47 -08:00
f9b9dcd79b
Transition to netstandard.
...
- dotnet5.X => netstandard1.y (where y = x-1).
- DNXCore50 => netstandardapp1.5.
- Applied the same changes to ifdefs.
2016-03-01 13:36:35 -08:00
db2093ec2a
Return the error code from build.cmd
2016-02-28 10:12:16 -08:00
6e3518dafc
Update the build scripts
2016-02-27 12:51:13 -08:00
aa8fd48c64
Updated antiforgery ServiceCollectionExtensions
2016-02-26 16:13:10 -08:00
4629148519
[Design] Add antiforgery middleware
...
This new middleware participates in authentication and acts as a filter
when the request doesn't include a valid CSRF token for a POST.
Any authentication middleware that you want to validate an antiforgery
token should go ahead of this middleware in the pipeline (Cookies,
IISIntegration). This also takes care of automatic auth (Windows) done by
weblistener.
Any authentication middleware that you want to ignore antiforgery should
go after this middleware in the pipeline.
To facilitate this, there are a few changes in the antiforgery API
surface. Namely we can now pass in a principal to validate tokens. You
can't pass in a principal to generate tokens - we expect you to be logged
in at that poing. Also, ValidateRequestAsync(...) now checks the HTTP verb
and won't validate GETs and such.
2016-02-24 15:04:09 -08:00
9783a7c42b
Update `build.cmd` to match latest template
...
- aspnet/Universe#347
- `%KOREBUILD_VERSION%` doesn't work without this fix
2016-02-24 12:27:40 -08:00
478edc1735
Pool `char`s used for base64url-encoding and -decoding
...
- #23 part 4
- depends on aspnet/HttpAbstractions@8c120a0
nits:
- correct name of a field in `AntiforgerySerializationContext`
- avoid allocations when returning an `AntiforgerySerializationContext` in (unlikely) case `Stream` is unused
- name literal `int` parameters
2016-02-17 23:17:15 -08:00
c2f4bd0be5
Enabled xml doc generation
2016-02-17 12:12:44 -08:00
a8dbf6a255
* Add logging for other IAntiforgery public methods
2016-02-17 11:57:50 -08:00
220479c1a1
[ Fixes #30 ] Updated UID generation in DefaultClaimUidExtractor
2016-02-16 10:14:52 -08:00
ac107b5371
Make IsRequestValid check HTTP method
...
This code was popping up everywhere this method is called. Seems bad to
duplicate it. Really what the caller wants to know is 'is the request
valid or a potential CSRF exploit?'. This gets the API closer to that.
2016-02-12 16:52:25 -08:00
668b67170f
Enable tests to run in donet xunit runner
2016-02-09 21:50:19 -08:00
Pranav K
Pavel Krymets
Ryan Brandenburg
John Luo
Kiran Challa
Ryan Nowak
Doug Bunting
Victor Hurdugaci
jacalvar
David Fowler
Ajay Bhargav Baaskaran
Nate McMaster
Eilon Lipton
N. Taylor Mullen