AutoValidateAntiforgeryIgnoreBearerAttribute class
namespace: Serenity.Web assembly: Serenity.Net.Web
An attribute that causes validation of antiforgery tokens for all unsafe HTTP methods. An antiforgery token is required for HTTP methods other than GET, HEAD, OPTIONS, and TRACE, and when there is no cookie header and authorization is Bearer, e.g. JWT etc.
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
public class AutoValidateAntiforgeryIgnoreBearerAttribute : Attribute, IFilterFactory,
IOrderedFilter
Public Members
name | description |
---|---|
AutoValidateAntiforgeryIgnoreBearerAttribute() | The default constructor. |
IsReusable { get; } | |
Order { get; set; } | |
CreateInstance(…) |
Remarks
AutoValidateAntiforgeryIgnoreBearerAttribute
can be applied as a global filter to trigger validation of antiforgery tokens by default for an application. Use IgnoreAntiforgeryTokenAttribute to suppress validation of the antiforgery token for a controller or action.