CSRF
Namespace:
Saturn
Parent:
Saturn
Module containing helpers for CSRF Antiforgery protection
Declared Types
Declared Modules
|
Module
|
Description
|
|
View
|
Contains view helpers for csrf tokens for various view engines.
|
Values and Functions
|
Name
|
Description
|
tryCsrf errorHandler next ctx
Signature:
errorHandler:(CSRFError -> HttpHandler) -> next:HttpFunc -> ctx:HttpContext -> HttpFuncResult
|
Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token.
The particular configuration options can be set via the application builder's use_antiforgery_with_config method.
If the request is not valid, a custom error handler will be invoked with the validation error
|
csrf
Signature:
HttpHandler
|
Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token.
The particular configuration options can be set via the application builder's use_antiforgery_with_config method.
|
getRequestTokens(ctx)
Signature:
ctx:HttpContext -> AntiforgeryTokenSet
|
|
Type Extensions
|
Name
|
Description
|
x.ValidateCSRF()
Signature:
unit -> Task
|
Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token.
The particular configuration options can be set via the application builder's use_antiforgery_with_config method.
If the request is not valid, an exception will be thrown with details
|
x.TryValidateCSRF()
Signature:
unit -> Task>
|
Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token.
The particular configuration options can be set via the application builder's use_antiforgery_with_config method.
If the request is not valid, an Error result will be returned with details
|