navigation

CSRF

Namespace: Saturn
Parent: Saturn

Module containing helpers for CSRF Antiforgery protection


Declared Types
Type Description
CSRFError

Declared Modules
Module Description
View

Contains view helpers for csrf tokens for various view engines.


Values and Functions
Name Description
tryCsrf errorHandler next ctx
Signature: errorHandler:(CSRFError -> HttpHandler) -> next:HttpFunc -> ctx:HttpContext -> HttpFuncResult

Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token. The particular configuration options can be set via the application builder's use_antiforgery_with_config method. If the request is not valid, a custom error handler will be invoked with the validation error

csrf
Signature: HttpHandler

Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token. The particular configuration options can be set via the application builder's use_antiforgery_with_config method.

getRequestTokens(ctx)
Signature: ctx:HttpContext -> AntiforgeryTokenSet


Type Extensions
Name Description
x.ValidateCSRF()
Signature: unit -> Task

Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token. The particular configuration options can be set via the application builder's use_antiforgery_with_config method. If the request is not valid, an exception will be thrown with details

x.TryValidateCSRF()
Signature: unit -> Task>

Protect a resource by validating that requests that can change state come with a valid request antiforgery token, which is based off of a known session token. The particular configuration options can be set via the application builder's use_antiforgery_with_config method. If the request is not valid, an Error result will be returned with details