diff --git a/src/FubuMVC.AntiForgery.Testing/Default_policy_applies_anti_forgery_to_post_routes.cs b/src/FubuMVC.AntiForgery.Testing/Default_policy_applies_anti_forgery_to_post_routes.cs index e3cbc06..687c470 100644 --- a/src/FubuMVC.AntiForgery.Testing/Default_policy_applies_anti_forgery_to_post_routes.cs +++ b/src/FubuMVC.AntiForgery.Testing/Default_policy_applies_anti_forgery_to_post_routes.cs @@ -1,6 +1,7 @@ using System.Linq; using FubuMVC.Core; using FubuMVC.Core.Registration; +using FubuMVC.Core.Registration.Nodes; using FubuMVC.StructureMap; using FubuTestingSupport; using HtmlTags; @@ -21,9 +22,9 @@ public void the_order_of_the_configuration_action_was_wrong() { var graph = runtime.Factory.Get(); - graph.BehaviorFor(x => x.post_csrf(null)) - .OfType().Any() - .ShouldBeTrue(); + graph.BehaviorFor(x => x.post_csrf(null)) + .OfType().Any() + .ShouldBeTrue(); } diff --git a/src/FubuMVC.AntiForgery/AntiForgeryFilter.cs b/src/FubuMVC.AntiForgery/AntiForgeryFilter.cs new file mode 100644 index 0000000..fa7b8d4 --- /dev/null +++ b/src/FubuMVC.AntiForgery/AntiForgeryFilter.cs @@ -0,0 +1,30 @@ +using System.Net; +using FubuMVC.Core.Continuations; + +namespace FubuMVC.AntiForgery +{ + public interface IAntiForgeryFilter + { + FubuContinuation Filter(string salt); + } + + public class AntiForgeryFilter : IAntiForgeryFilter + { + private readonly IAntiForgeryValidator _validator; + + public AntiForgeryFilter(IAntiForgeryValidator validator) + { + _validator = validator; + } + + public FubuContinuation Filter(string salt) + { + if (_validator.Validate(salt)) + { + return FubuContinuation.NextBehavior(); + } + + return FubuContinuation.EndWithStatusCode(HttpStatusCode.InternalServerError); + } + } +} \ No newline at end of file diff --git a/src/FubuMVC.AntiForgery/AntiForgeryPolicy.cs b/src/FubuMVC.AntiForgery/AntiForgeryPolicy.cs index 52bc141..025b2b3 100644 --- a/src/FubuMVC.AntiForgery/AntiForgeryPolicy.cs +++ b/src/FubuMVC.AntiForgery/AntiForgeryPolicy.cs @@ -1,18 +1,19 @@ using System.Collections.Generic; using System.Linq; using FubuMVC.Core; -using FubuMVC.Core.Registration; - +using FubuMVC.Core.Registration; +using FubuMVC.Core.Registration.Nodes; + namespace FubuMVC.AntiForgery { - [ConfigurationType(ConfigurationType.InjectNodes)] - public class AntiForgeryPolicy : IConfigurationAction - { - public void Configure(BehaviorGraph graph) - { - var antiForgerySettings = graph.Settings.Get(); - graph.Behaviors.Where(antiForgerySettings.AppliesTo) - .Each(x => x.Prepend(new AntiForgeryNode(x.InputType().FullName))); - } - } + [ConfigurationType(ConfigurationType.InjectNodes)] + public class AntiForgeryPolicy : IConfigurationAction + { + public void Configure(BehaviorGraph graph) + { + var antiForgerySettings = graph.Settings.Get(); + graph.Behaviors.Where(antiForgerySettings.AppliesTo) + .Each(x => x.Prepend(ActionFilter.For(f => f.Filter(x.InputType().FullName)))); + } + } } \ No newline at end of file diff --git a/src/FubuMVC.AntiForgery/FubuMVC.AntiForgery.csproj b/src/FubuMVC.AntiForgery/FubuMVC.AntiForgery.csproj index 1822fa1..816c306 100644 --- a/src/FubuMVC.AntiForgery/FubuMVC.AntiForgery.csproj +++ b/src/FubuMVC.AntiForgery/FubuMVC.AntiForgery.csproj @@ -69,6 +69,7 @@ +