kocoded/oqtane.framework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

require AntiForgery on Static Rendered components

Browse Source
This commit is contained in:
sbwalker 2024-05-08 14:42:39 -04:00
parent f7895823cb
commit bf4052b550
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Oqtane.Server/Extensions/ComponentEndpointRouteBuilderExtensions.cs
View File

@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Routing;
using System; using System;
using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.AspNetCore.Antiforgery;
namespace OqtaneSSR.Extensions namespace OqtaneSSR.Extensions
{ {
@ -23,6 +24,7 @@ namespace OqtaneSSR.Extensions
{ {
routeEndpointBuilder.Metadata.Add(new RootComponentMetadata(typeof(App))); routeEndpointBuilder.Metadata.Add(new RootComponentMetadata(typeof(App)));
routeEndpointBuilder.Metadata.Add(new ComponentTypeMetadata(typeof(App))); routeEndpointBuilder.Metadata.Add(new ComponentTypeMetadata(typeof(App)));
routeEndpointBuilder.Metadata.Add(new RequireAntiforgeryTokenAttribute());
}); });
} }
} }

1
Oqtane.Server/Startup.cs
View File

@ -216,6 +216,7 @@ namespace Oqtane
app.UseCors(); app.UseCors();
app.UseAuthentication(); app.UseAuthentication();
app.UseAuthorization(); app.UseAuthorization();
app.UseAntiforgery();
if (_useSwagger) if (_useSwagger)
{ {