removed method-level [ValidateAntiForgeryToken] attribute as it is now handled by global AutoValidateAntiforgeryTokenFilter, adjusted gitignore to improve filtering of Module and Theme folders in wwwroot and exclude all files in Oqtane.Server/Data

2022-04-15 08:01:32 -04:00 · 2022-04-15 08:01:32 -04:00 · 1c7380d4cf
commit 1c7380d4cf
parent f6b3874668
3 changed files with 8 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -12,9 +12,7 @@ msbuild.binlog
 *.idea

 Oqtane.Server/appsettings.json
-Oqtane.Server/Data/*.mdf
-Oqtane.Server/Data/*.ldf
-Oqtane.Server/Data/*.db
+Oqtane.Server/Data

 /Oqtane.Server/Properties/PublishProfiles/FolderProfile.pubxml
 Oqtane.Server/Content
@ -22,3 +20,10 @@ Oqtane.Server/Packages
 Oqtane.Server/wwwroot/Content
 Oqtane.Server/wwwroot/Packages/*.log

+Oqtane.Server/wwwroot/Modules
+!Oqtane.Server/wwwroot/Modules/Oqtane.Modules.*
+!Oqtane.Server/wwwroot/Modules/Templates
+
+Oqtane.Server/wwwroot/Themes
+!Oqtane.Server/wwwroot/Themes/Oqtane.Themes.*
+!Oqtane.Server/wwwroot/Themes/Templates
--- a/Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
+++ b/Oqtane.Server/Modules/HtmlText/Controllers/HtmlTextController.cs
@ -84,7 +84,6 @@ namespace Oqtane.Modules.HtmlText.Controllers
        }

        // POST api/<controller>
-        [ValidateAntiForgeryToken]
        [HttpPost]
        [Authorize(Policy = PolicyNames.EditModule)]
        public Models.HtmlText Post([FromBody] Models.HtmlText htmlText)
@ -104,7 +103,6 @@ namespace Oqtane.Modules.HtmlText.Controllers
        }

        // DELETE api/<controller>/5
-        [ValidateAntiForgeryToken]
        [HttpDelete("{id}/{moduleid}")]
        [Authorize(Policy = PolicyNames.EditModule)]
        public void Delete(int id, int moduleId)
--- a/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Controllers/[Module]Controller.cs
+++ b/Oqtane.Server/wwwroot/Modules/Templates/External/Server/Controllers/[Module]Controller.cs
@ -58,7 +58,6 @@ namespace [Owner].[Module].Controllers
        }

        // POST api/<controller>
-        [ValidateAntiForgeryToken]
        [HttpPost]
        [Authorize(Policy = PolicyNames.EditModule)]
        public Models.[Module] Post([FromBody] Models.[Module] [Module])
@ -78,7 +77,6 @@ namespace [Owner].[Module].Controllers
        }

        // PUT api/<controller>/5
-        [ValidateAntiForgeryToken]
        [HttpPut("{id}")]
        [Authorize(Policy = PolicyNames.EditModule)]
        public Models.[Module] Put(int id, [FromBody] Models.[Module] [Module])
@ -98,7 +96,6 @@ namespace [Owner].[Module].Controllers
        }

        // DELETE api/<controller>/5
-        [ValidateAntiForgeryToken]
        [HttpDelete("{id}")]
        [Authorize(Policy = PolicyNames.EditModule)]
        public void Delete(int id)