Merge remote-tracking branch 'origin/dev-v7' into temp8
# Conflicts: # .editorconfig # .gitignore # src/Umbraco.Core/Persistence/Repositories/EntityRepository.cs # src/Umbraco.Core/Persistence/Repositories/UserRepository.cs # src/Umbraco.Web.UI.Client/src/common/services/navigation.service.js # src/Umbraco.Web.UI.Client/src/less/components/buttons/umb-era-button.less # src/Umbraco.Web.UI.Client/src/views/common/dialogs/login.html # src/Umbraco.Web.UI.Client/src/views/common/overlays/contenttypeeditor/compositions/compositions.controller.js # src/Umbraco.Web.UI.Client/src/views/common/overlays/contenttypeeditor/compositions/compositions.html # src/Umbraco.Web.UI.Client/src/views/content/content.delete.controller.js # src/Umbraco.Web.UI.Client/src/views/content/content.restore.controller.js # src/Umbraco.Web.UI.Client/src/views/content/restore.html # src/Umbraco.Web.UI.Client/src/views/dashboard/developer/healthcheck.html # src/Umbraco.Web.UI.Client/src/views/media/media.move.controller.js # src/Umbraco.Web.UI.Client/src/views/media/move.html # src/Umbraco.Web.UI.Client/src/views/propertyeditors/grid/dialogs/layoutconfig.controller.js # src/Umbraco.Web.UI.Client/src/views/propertyeditors/grid/dialogs/rowconfig.controller.js # src/Umbraco.Web.UI.Client/src/views/propertyeditors/listview/listview.controller.js # src/Umbraco.Web.UI.Client/src/views/propertyeditors/listview/listview.html # src/Umbraco.Web.UI/Umbraco/config/lang/da.xml # src/Umbraco.Web.UI/config/umbracoSettings.Release.config # src/Umbraco.Web.UI/umbraco/config/lang/en.xml # src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml # src/Umbraco.Web/Controllers/UmbLoginController.cs # src/Umbraco.Web/Controllers/UmbLoginStatusController.cs # src/Umbraco.Web/Controllers/UmbProfileController.cs # src/Umbraco.Web/Controllers/UmbRegisterController.cs # src/Umbraco.Web/Editors/ContentController.cs # src/Umbraco.Web/Editors/ContentTypeControllerBase.cs # src/Umbraco.Web/HtmlHelperRenderExtensions.cs # src/Umbraco.Web/Trees/ContentTreeController.cs # src/Umbraco.Web/Trees/MediaTreeController.cs # src/Umbraco.Web/umbraco.presentation/umbraco/create/XsltTasks.cs # src/Umbraco.Web/umbraco.presentation/umbraco/create/xslt.ascx.cs # src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/editXslt.aspx.cs # src/Umbraco.Web/umbraco.presentation/umbraco/webservices/codeEditorSave.asmx.cs
This commit is contained in:
Shannon
@@ -4,6 +4,7 @@ using System.ComponentModel;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Web;
|
||||
using System.Web.Helpers;
|
||||
using System.Web.Mvc;
|
||||
using System.Web.Mvc.Html;
|
||||
using System.Web.Routing;
|
||||
@@ -222,6 +223,7 @@ namespace Umbraco.Web
|
||||
{
|
||||
_viewContext = viewContext;
|
||||
_method = method;
|
||||
_controllerName = controllerName;
|
||||
_encryptedString = UmbracoHelper.CreateEncryptedRouteString(controllerName, controllerAction, area, additionalRouteVals);
|
||||
}
|
||||
|
||||
@@ -229,6 +231,7 @@ namespace Umbraco.Web
|
||||
private readonly FormMethod _method;
|
||||
private bool _disposed;
|
||||
private readonly string _encryptedString;
|
||||
private readonly string _controllerName;
|
||||
|
||||
protected override void Dispose(bool disposing)
|
||||
{
|
||||
@@ -236,6 +239,16 @@ namespace Umbraco.Web
|
||||
return;
|
||||
this._disposed = true;
|
||||
|
||||
//Detect if the call is targeting UmbRegisterController/UmbProfileController/UmbLoginStatusController/UmbLoginController and if it is we automatically output a AntiForgeryToken()
|
||||
// We have a controllerName and area so we can match
|
||||
if (_controllerName == "UmbRegister"
|
||||
|| _controllerName == "UmbProfile"
|
||||
|| _controllerName == "UmbLoginStatus"
|
||||
|| _controllerName == "UmbLogin")
|
||||
{
|
||||
_viewContext.Writer.Write(AntiForgery.GetHtml().ToString());
|
||||
}
|
||||
|
||||
//write out the hidden surface form routes
|
||||
_viewContext.Writer.Write("<input name='ufprt' type='hidden' value='" + _encryptedString + "' />");
|
||||
|
||||
|
||||
Reference in New Issue
Block a user