Unit testing for ValidateAntiForgeryToken and clever navigation in the ReSharper/Rider test runner

added by DotNetKicks
1/11/2019 1:46:55 PM

1 Kicks, 421 Views

We all know it's important to prevent Cross-Site Request Forgery (CSRF) attacks against our application. Unfortunately, our inherited code base has zero measures implemented - not one action methods with a [ValidateAntiForgeryToken] attribute in sight! In the previous post, we looked at using Structural Search and Replace in ReSharper to find all action methods in our inherited code base.