The tutorial Preventing CSRF by Mike Wasson, introduces a method called GetTokens() that is supposed to reside within the System.Web.Helpers.AntiForgery class (as confirmed on MSDN here).
I am using ASP.NET 4.0, C#, and MVC 3 and cannot find this method anywhere. It doesn't exist, and the MSDN page about the method doesn't not give any hints as to which version of the framework contains the GetTokens() method. Am I missing something? I left a comment on Mike Wasson's post, but he apparently doesn't read the comments there (at least not anymore) because I'm the second person to raise the question there and there are no responses.
Where can I find this method?
This method (as well as HttpRequestMessage class itself) is new to .NET 4.5. You most likely using an older version of this framework. But you can still manually iterate through the headers and check if the specific header is present.
Related
I've seen Missing inverse property in asp.net webapi odata $metadata and the WebAPI $metadata I'm dealing with behaves as described in this article: it doesn't reuse associations for bi-directional navigation properties.
When using jaysvcutil 1.3.5 all navigational properties come up as $$unbound.
$data.Entity.extend('API.Models.Document', {
...
'Document_Versions': {
'type':'Array',
'elementType':'API.Models.Document_Versions',
'inverseProperty':'$$unbound' }
});
Other than manually updating the inverseProperty information is there anything to get the desired result automatically?
Update based on #Robesz answer
Manually adding inverseProperty information to the static .js converted by JaySvcUtil is doable, but I'm asking if there's an option to accomplish that with the dynamic conversion as well.
There seems to be to options
make modifications to the .NET WebAPI. Might be challenging, because their seem to be good reason for their implementation, but maybe somebody already successfully did that.
modifying the conversion XSLT that JayData using to take that behavior into account.
We've just arrived to the same results with WebAPI OData, but after editing the generated context file manually and adding the inverseProperty everything is working fine
This should be most probably handled by extending JayData's XSLT conversion. I've created an issues for that on https://github.com/jaydata/jaydata/issues/155.
I have a tool that communicates with Gemini platform using .net API
CounterSoft.Gemini.Commons, Version 4.0.1.3038
Assembly CounterSoft.Gemini.WebServices, Version 4.0.1.3038
Now Gemini is going to be updated on the site I'm connecting with. AFAIU I have to update .net Gemini API wrappers too.
The problem is that API has been changed and it is a little bit tricky to find method in the new version.
Is there any howto guide?
I've checked http://docs.countersoft.com/rest-api/ but unable to find replacement for IssuesService.GetMyWork() method. In 4th version it return all issues that belongs to current user. I've tried to use Reflector but it fails to find something like GetMyWork method
Regards,
oleksa
We had to go through the same process and couldn't find a guide for it. However, what we did for "My Work" is use the GetFilteredItems method and passed in the resource in the filter:
IssuesFilter filter = new IssuesFilter();
filter.Resources = "1"; // Your user id
var myItems = service.ItemService.GetFilteredItems(filter);
I'm using the latest ASP.Net WebAPI Nightly builds (dated 2013-01-16).
I have a simple EF database first model at the moment that has two entities - Patients and Visits. Each patient can have many visits.
I'd like to be able to query for my list of patients and have the visits entities for each patient returned inline. I know that WebAPI's OData implementation doesn't yet support $expand. I'm hoping that just means that optional client-controlled expansion is not supported and that I can force expansion server-side.
At the moment I'm not getting any of the visits inline.
For example, my PatientController's() Get() method looks like
[Queryable(AllowedQueryOptions=AllowedQueryOptions.Supported)]
public override IQueryable<Patient> Get()
{
var query = this.entities.Patients.Include("Visits");
return query;
}
I've verified that the query executing against my database does indeed include the visit information.
To use a publicly available OData service as an example, if you use the service at http://services.odata.org/OData/OData.svc/, you can get a list of Suppliers. This is http://http://services.odata.org/OData/OData.svc/Suppliers.
You can also ask for a list of suppliers that includes the list of products using http://http://services.odata.org/OData/OData.svc/Suppliers?$expand=Products
Stepping through the ASP.NET code (via the symbols server) I've got to the System.Web.Http.OData.Formatter.Serialization.ODataEntityTypeSerializer and can see that it's CreatePropertyBag method, which builds up the list of properties to be serialized, just doesn't include the navigation properties, and they don't seem to be enumerated anywhere else apart from being written out as NavigationLinks.
I'm quite new to the ASP.NET world in general and have spent a week or so getting my head around the way things work (particularly with the changes made to OData at the end of 2012 and further changes made so far in 2013).
I suspect that if the ODataEntityTypeSerializer was to be modified (I'm happy to try) to embed this extra information in the appropriate spot (within each navigation link as an nested inline feed as best I can tell) then I'd be set.
Questions:
Have I overlooked something obvious and there's a flag I can set to turn on this behaviour? I can see why, if such a flag exists, it would be off by default (EF lazy loading and this flag wouldn't get on well)
If #1 is no, is there some other ODataEntityTypeSerializer that I could use? If so, how do I switch to it?
If #2 is no, any pointers for where I should start writing my own? Is there a place I can substitute in my own serializer or do I have to maintain my own fork of ASP.NET's Extensions project (as opposed to the Runtime project)
Thanks very much!
$expand is very high on our list of things to support for OData. But as far as I know, we don't have any flag to turn it on server-side. The formatter doesn't currently allow you to substitute your own serializers either. So I'm afraid your only option in the meantime is to create a fork and add support for $expand. If you manage to get it working, please consider sending a pull request our way:
http://aspnetwebstack.codeplex.com/SourceControl/network
You can try it already in webapi nightly builds.
Here is how to install it with nuget:
http://aspnetwebstack.codeplex.com/wikipage?title=Use%20Nightly%20Builds
I am not using any of asp.net Authentication in my code. It is handled by an outside library. I get back a success or failure from the function. So all the work is done for me.sCould I get some examples of how I would implement this in MVC3. I know a little, I have had 2 weeks experience.
Thanks.
AuthFunction("UserName", "password");
You need to implement your own MembershipProvider. The ValidateUser method will use AuthFunction method from your library.
This tutorial should be good. Just skip the repository things because those are already implemented by your library. Carefully check the configuration section at the bottom of the tutorial.
I want to dynamically change the layout, based on whether the user is accessing the site from a mobile device or not. I have a few questions on the subject.
I would like to change the layout once it's determined, but before the view is rendered. That is, is there some hook I can use where I can change layout.cshtml to layout.mobile.cshtml "recursively" for any nested layouts that there might be.
Is overriding RazorViewEngine's CreateView method enough? It takes a masterPath parameter, so maybe I could implement a custom RazorViewEngine and override this method, right?
The second question would be regarding mobile browser detection. I don't really care that much about specific devices. I just want to differentiate desktop from mobile. Is something like WURFL a necessity in this case?
Is checking something like Request.Browser.ScreenPixelsWidth and ScreenPixelsHeigth ridiculous? (since most I'd be changing would be using or not jQuery.mobile and it's data-attributes.
This functionality is built-into ASP.NET MVC 4 so you get it out-of-the-box.
Scott Hansleman blogged about how you could achieve the same in ASP.NET MVC 3 and be ready for the upgrade because the NuGet he suggested is spec-compatible with ASP.NET MVC 4.
If you can, use ASP MVC 4 as Darin Dimitrov pointed out. It supports this out of the box.
If you are stuck on MVC 3, here's how we do it in our product:
1) Install WURFL
2) Implement an HttpCapabilitiesProvider which calls WURFL and resolves device capabilities; stuff resolved caps into the result. Be sure to add a property called isMobileBrowser (wurfl exposes this)
3) Tell .NET to use your capabilities provider instead of default HttpCapabilitiesBase.BrowserCapabilitiesProvider = new YourBrowserCapabilitiesProvider(_wurflManager);
4) Create a CustomViewEngine (inherit RazorViewEngine). Override FindPartialView & FindView. These should look at controllerContext.RequestContext.HttpContext.Request.Browser.Capabilities["isMobileBrowser"] and map to appropriate name, eg myView.cshtml.mobile. You need to resolve both viewName and masterName.
4.1) Still in CustomViewEngine's FindPartialView & FindView, search search ~/Views/{0}/{1} and ~/Views/Shared/{0}/{1} where {0} is the controller (controllerContext.RouteData.GetRequiredString("controller")) and {1} is your mapped view name
4.2) Return return new ViewEngineResult(CreateView(controllerContext, viewPath, masterPath), this);