Add-KrAntiforgeryMiddleware
SYNOPSIS
Adds an Antiforgery service to the server.
SYNTAX
Items (Default)
Add-KrAntiforgeryMiddleware [-FormFieldName <string>] [-CookieName <string>] [-HeaderName <string>]
[-SuppressXFrameOptionsHeader] [-SuppressReadingTokenFromFormBody] [<CommonParameters>]
Options
Add-KrAntiforgeryMiddleware -Options <AntiforgeryOptions> [<CommonParameters>]
ALIASES
This cmdlet has the following aliases, {{Insert list of aliases}}
DESCRIPTION
This cmdlet allows you to configure the Antiforgery service for the Kestrun server. It can be used to protect against Cross-Site Request Forgery (CSRF) attacks by generating and validating antiforgery tokens.
EXAMPLES
EXAMPLE 1
Add-KrAntiforgeryMiddleware -Cookie $cookieBuilder -FormField ‘__RequestVerificationToken’ -HeaderName ‘X-CSRF-Token’ -SuppressXFrameOptionsHeader This example adds an Antiforgery service to the server with a custom cookie builder, form field name, and header name.
EXAMPLE 2
Add-KrAntiforgeryMiddleware -Options $options This example adds an Antiforgery service to the server using the specified Antiforgery options.
PARAMETERS
-CookieName
The name of the cookie to use for the Antiforgery token. Default is ‘.Kestrun.AntiXSRF’.
Type: System.String
DefaultValue: .Kestrun.AntiXSRF
SupportsWildcards: false
Aliases: []
ParameterSets:
- Name: Items
Position: Named
IsRequired: false
ValueFromPipeline: false
ValueFromPipelineByPropertyName: false
ValueFromRemainingArguments: false
DontShow: false
AcceptedValues: []
HelpMessage: ''
-FormFieldName
The name of the form field to use for the Antiforgery token. If not specified, the default will be used.
Type: System.String
DefaultValue: ''
SupportsWildcards: false
Aliases: []
ParameterSets:
- Name: Items
Position: Named
IsRequired: false
ValueFromPipeline: false
ValueFromPipelineByPropertyName: false
ValueFromRemainingArguments: false
DontShow: false
AcceptedValues: []
HelpMessage: ''
-HeaderName
The name of the header to use for the Antiforgery token. Default is ‘X-CSRF-TOKEN’.
Type: System.String
DefaultValue: X-CSRF-TOKEN
SupportsWildcards: false
Aliases: []
ParameterSets:
- Name: Items
Position: Named
IsRequired: false
ValueFromPipeline: false
ValueFromPipelineByPropertyName: false
ValueFromRemainingArguments: false
DontShow: false
AcceptedValues: []
HelpMessage: ''
-Options
The Antiforgery options to configure the service.
Type: Microsoft.AspNetCore.Antiforgery.AntiforgeryOptions
DefaultValue: ''
SupportsWildcards: false
Aliases: []
ParameterSets:
- Name: Options
Position: Named
IsRequired: true
ValueFromPipeline: false
ValueFromPipelineByPropertyName: false
ValueFromRemainingArguments: false
DontShow: false
AcceptedValues: []
HelpMessage: ''
-SuppressReadingTokenFromFormBody
If specified, the Antiforgery service will not read tokens from the form body. This option is only available in .NET 9.0+ / PowerShell 7.6+.
Type: System.Management.Automation.SwitchParameter
DefaultValue: False
SupportsWildcards: false
Aliases: []
ParameterSets:
- Name: Items
Position: Named
IsRequired: false
ValueFromPipeline: false
ValueFromPipelineByPropertyName: false
ValueFromRemainingArguments: false
DontShow: false
AcceptedValues: []
HelpMessage: ''
-SuppressXFrameOptionsHeader
If specified, the X-Frame-Options header will not be added to responses.
Type: System.Management.Automation.SwitchParameter
DefaultValue: False
SupportsWildcards: false
Aliases: []
ParameterSets:
- Name: Items
Position: Named
IsRequired: false
ValueFromPipeline: false
ValueFromPipelineByPropertyName: false
ValueFromRemainingArguments: false
DontShow: false
AcceptedValues: []
HelpMessage: ''
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.