Giraffe.Antiforgery 1.0.0

.NET Standard 2.0
dotnet add package Giraffe.Antiforgery --version 1.0.0
NuGet\Install-Package Giraffe.Antiforgery -Version 1.0.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Giraffe.Antiforgery" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Giraffe.Antiforgery --version 1.0.0
#r "nuget: Giraffe.Antiforgery, 1.0.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Giraffe.Antiforgery as a Cake Addin
#addin nuget:?package=Giraffe.Antiforgery&version=1.0.0

// Install Giraffe.Antiforgery as a Cake Tool
#tool nuget:?package=Giraffe.Antiforgery&version=1.0.0


Provides support for CSRF token generation and validation using the Microsoft.AspNetCore.Antiforgery package.

Getting Started

open Giraffe.Antiforgery
open Giraffe.GiraffeViewEngine.Antiforgery

// rest of code

let formView (token : AntiforgeryTokenSet) = 
    html [] [
        body [] [
                form [ _method "post" ] [
                        antiforgeryInput token
                        input [ _type "submit"; _value "Submit" ]
let csrfHandler (token : AntiforgeryTokenSet) : HttpHandler = 
    fun (next: HttpFunc) (ctx : HttpContext) ->                                
        htmlView (formView token) next ctx

let webApp =
    choose [
        GET >=> choose [
                // using htmlView helper
                route "/token" >=> choose [ 
                        GET  >=> csrfHtmlView formView
                        POST >=> requiresCsrfToken (text "intruder!") >=> text "oh hi there ;)" 
                // manual token handler
                route "/token" >=> choose [ 
                    GET  >=> csrfTokenizer csrfHandler
                    POST >=> requiresCsrfToken (text "intruder!") >=> text "oh hi there ;)" 
                route "/" >=> text "hello" 
        RequestErrors.NOT_FOUND "Not Found"

// rest of code



Generates a CSRF token using the Microsoft.AspNetCore.Antiforgery package, which is fed into the provided handler.

csrfTokenizer: (handler : AntiforgeryTokenSet -> HttpHandler) -> (next: HttpFunc) -> (ctx : HttpContext) -> HttpFuncResult


Injects a newly generated CSRF token into a Giraffe.GiraffeViewEngine.XmlNode. Think enriched htmlView.

csrfHtmlView: (view : AntiforgeryTokenSet -> XmlNode) -> (next: HttpFunc) -> (ctx : HttpContext) -> HttpFuncResult


Checks the presence and validity of CSRF token and calls invalidTokenHandler on failure. Analogous to requiresAuthentication.

requiresCsrfToken: (invalidTokenHandler : HttpHandler) -> (next: HttpFunc) -> (ctx : HttpContext) -> HttpFuncResult



Generates the hidden CSRF input using the Giraffe.GiraffeViewEngine

antiforgeryInput (token : AntiforgeryTokenSet) -> XmlNode

Requires open Giraffe.GiraffeViewEngine.Antiforgery

Product Versions
.NET net5.0 net5.0-windows net6.0 net6.0-android net6.0-ios net6.0-maccatalyst net6.0-macos net6.0-tvos net6.0-windows net7.0 net7.0-android net7.0-ios net7.0-maccatalyst net7.0-macos net7.0-tvos net7.0-windows
.NET Core netcoreapp2.0 netcoreapp2.1 netcoreapp2.2 netcoreapp3.0 netcoreapp3.1
.NET Standard netstandard2.0 netstandard2.1
.NET Framework net461 net462 net463 net47 net471 net472 net48 net481
MonoAndroid monoandroid
MonoMac monomac
MonoTouch monotouch
Tizen tizen40 tizen60
Xamarin.iOS xamarinios
Xamarin.Mac xamarinmac
Xamarin.TVOS xamarintvos
Xamarin.WatchOS xamarinwatchos
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.0 826 3/26/2020