ProtectAttribute

Namespace: ASPSecurityKit.NetCore
Assembly: ASPSecurityKit.NetCore.dll

Summary

An ASP.NET Core action filter attribute that protects the associated actions or endpoints by executing a strong security pipeline provided by ASPSecurityKit.

Constructors

#ctor(securityPipeline,securitySettings,securityUtility,errorResource,xssValidator)

Summary

Executes the ISecurityPipeline before the action method executes.

Parameters
Name Type Description
securityPipeline ASPSecurityKit.ISecurityPipeline The security pipeline
securitySettings ASPSecurityKit.ISecuritySettings The security settings
securityUtility ASPSecurityKit.ISecurityUtility The security utility.
errorResource ASPSecurityKit.IErrorMessageResourceProvider The error resource.
xssValidator ASPSecurityKit.Xss.IXssValidator The XSS validator.

Properties

ValidateXss

Summary

Gets or sets a value indicating whether cross-site scripting (XSS) validation should be performed on action parameters. The default is true.

Value

A Boolean value indicating whether cross-site scripting (XSS) validation should be performed on action parameters.

Methods

OnActionExecuted(context)

Summary

The handler for the event after the action has executed.

Parameters
Name Type Description
context Microsoft.AspNetCore.Mvc.Filters.ActionExecutedContext The filter context.

OnActionExecuting(context)

Summary

Initializes and executes the ISecurityPipeline before the action method executes.

Parameters
Name Type Description
context Microsoft.AspNetCore.Mvc.Filters.ActionExecutingContext The filter context.

OnActionExecutionAsync(context,next)

Summary

Initializes and executes the ISecurityPipeline before the action method executes.

Parameters
Name Type Description
context Microsoft.AspNetCore.Mvc.Filters.ActionExecutingContext The filter context.
next Microsoft.AspNetCore.Mvc.Filters.ActionExecutionDelegate The action delegate