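try
{
    // Anti-forgery (CSRF) check for a form post: the token carried in the
    // anti-forgery cookie must pair with the token submitted in the form body.
    // NOTE(review): the catch/finally belonging to this outer try is not part
    // of the visible snippet; confirm it does not swallow HttpResponseException.
    CookieHeaderValue cookie = Request.Headers
        .GetCookies(AntiForgeryConfig.CookieName)
        .FirstOrDefault();

    if (cookie == null)
    {
        // Fail closed. Previously a request without the anti-forgery cookie
        // skipped validation entirely and was processed as if it had passed.
        throw new HttpResponseException(
            new HttpResponseMessage(HttpStatusCode.Unauthorized));
    }

    // Rewind the request body so it can be parsed as form data here.
    // NOTE(review): assumes the content stream is buffered and seekable, and
    // blocks on .Result; switch to await if the enclosing method can be async.
    Stream requestBufferedStream = Request.Content.ReadAsStreamAsync().Result;
    requestBufferedStream.Position = 0;
    NameValueCollection myform = Request.Content.ReadAsFormDataAsync().Result;

    try
    {
        string cookieToken = cookie[AntiForgeryConfig.CookieName].Value;

        // The hidden field written by Html.AntiForgeryToken() is named
        // "__RequestVerificationToken". The cookie name can differ from it
        // (custom CookieName, or the suffix added for apps not hosted at the
        // site root), so look up the field name first and keep the original
        // cookie-name key only as a fallback for existing clients.
        string formToken = myform["__RequestVerificationToken"]
            ?? myform[AntiForgeryConfig.CookieName];

        AntiForgery.Validate(cookieToken, formToken);
    }
    catch (Exception)
    {
        // Any failure to obtain or validate the token pair rejects the request.
        throw new HttpResponseException(
            new HttpResponseMessage(HttpStatusCode.Unauthorized));
    }
}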
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)