Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > ASP.NET and ASP > Other ASP.NET > BOOK: Beginning ASP.NET Security
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
BOOK: Beginning ASP.NET Security
This is the forum to discuss the Wrox book Beginning ASP.NET Security by Barry Dorrans; ISBN: 978-0-470-74365-2
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning ASP.NET Security section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developersí questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Display Modes
  #1 (permalink)  
Old October 10th, 2012, 02:50 PM
Registered User
Points: 58, Level: 1
Points: 58, Level: 1 Points: 58, Level: 1 Points: 58, Level: 1
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jul 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default AntiCSRF in VB? - Chapter 4

I'm attempting to reproduce the AntiCSRF class from Chapter 4 in VB and my skill level is less than stellar.

In particular, I'm running into issues adding the
Code:
page.PreRender += PagePreRender;
line from the PreRequestHandlerExecute method.

Does this module exist in VB anywhere?
If not, can you push me in the right direction?
Thanks

My work-in-progress code:
Code:
Imports System
Imports System.Collections.Generic
Imports System.Linq
Imports System.Text
Imports System.Web
Imports System.Web.UI
Imports System.Globalization


Public Class AntiCSRF
    Implements IHttpModule

#Region "IHttpModule Members"
    Public Sub Dispose() Implements System.Web.IHttpModule.Dispose

    End Sub

    Public Sub Init(context As System.Web.HttpApplication) Implements System.Web.IHttpModule.Init
        AddHandler context.PreSendRequestHeaders, AddressOf AntiCSRF.PreSendRequestHeaders
        AddHandler context.PreRequestHandlerExecute, AddressOf AntiCSRF.PreRequestHandlerExecute
    End Sub
#End Region
    Private Shared Sub PreSendRequestHeaders(ByVal source As Object, ByVal args As EventArgs)
        
    End Sub
    Private Shared Sub PreRequestHandlerExecute(ByVal source As Object, ByVal args As EventArgs)
        Dim application As HttpApplication = CType(source, HttpApplication)
        Dim context As HttpContext = application.Context
        If (Not (context.Handler) Is Nothing) Then
            Dim page As Page = context.Handler
            If (Not (page) Is Nothing) Then

            End If
        End If
    End Sub
    Private Shared Sub PagePreRender(ByVal source As Object, ByVal eventArgs As EventArgs)
        Dim page As Page = CType(source, Page)
        If ((Not (page) Is Nothing) _
                    AndAlso (Not (page.Form) Is Nothing)) Then
            Dim csrfToken As String
            Dim context As HttpContext = HttpContext.Current
            If ((context.Request Is Nothing) _
                        OrElse ((context.Request.Cookies Is Nothing) _
                        OrElse ((context.Request.Cookies("__CSRFCOOKIE") Is Nothing) _
                        OrElse String.IsNullOrEmpty(context.Request.Cookies("__CSRFCOOKIE").Value)))) Then
                csrfToken = Guid.NewGuid.ToString("D", CultureInfo.InvariantCulture)
            Else
                csrfToken = page.Request.Cookies("__CSRFCOOKIE").Value
            End If
            Dim stateFormatter As ObjectStateFormatter = New ObjectStateFormatter
            page.ClientScript.RegisterHiddenField("__CSRFTOKEN", stateFormatter.Serialize(csrfToken))
        End If
    End Sub
End Class
  #2 (permalink)  
Old October 12th, 2012, 10:28 AM
Friend of Wrox
Points: 894, Level: 11
Points: 894, Level: 11 Points: 894, Level: 11 Points: 894, Level: 11
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Sep 2005
Location: London, , United Kingdom.
Posts: 166
Thanks: 2
Thanked 33 Times in 33 Posts
Default

Hi nthoeming,

I haven't code the code for that snippet, but is that not just registering the event handler for PreRender, in the same way as the PreSendRequestHeaders handler is being set in Init?

In which case you shopuld just be able to do
Code:
AddHandler page.PreRender, AddressOf PagePreRender
HTH
Phil
  #3 (permalink)  
Old October 12th, 2012, 03:33 PM
Registered User
Points: 58, Level: 1
Points: 58, Level: 1 Points: 58, Level: 1 Points: 58, Level: 1
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jul 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default That works

Thanks, so far, so good...
 


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Chapter 4. AntiCSRF httpModule not working digitalsoul BOOK: Beginning ASP.NET Security 2 January 21st, 2011 08:28 AM
Chapter 8 Quick VB question ChuckASP BOOK: Beginning ASP.NET 3.5 : in C# and VB BOOK ISBN: 978-0-470-18759-3 1 March 7th, 2010 12:33 PM
Chapter 1 Page 52 using VB sammyw BOOK: Professional ADO.NET 3.5 with LINQ and the Entity Framework ISBN: 978-0-470-22988-0 0 March 27th, 2009 12:46 PM
Chapter 13 - vb ganesh_jai BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8 0 January 15th, 2007 11:36 AM
Chapter 13 VB Version michaelcode BOOK: Beginning ASP.NET 2.0 BOOK VB ISBN: 978-0-7645-8850-1; C# ISBN: 978-0-470-04258-8 1 August 10th, 2006 10:07 AM



All times are GMT -4. The time now is 07:26 PM.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.