diff --git a/src/Controllers/BlogController.cs b/src/Controllers/BlogController.cs
index 3f132b14..b89fad39 100644
--- a/src/Controllers/BlogController.cs
+++ b/src/Controllers/BlogController.cs
@@ -13,17 +13,11 @@ public class BlogController : Controller
 {
 private IBlogService _blog;
 private IOptionsSnapshot _settings;
- private static int _afrt;

 public BlogController(IBlogService blog, IOptionsSnapshot settings)
 {
 _blog = blog;
 _settings = settings;
-
- if (_afrt == default(int))
- {
- _afrt = (_settings.Value.Name + DateTime.UtcNow.ToShortDateString()).GetHashCode();
- }
 }

 [Route("/{page:int?}")]
@@ -66,7 +60,6 @@ public async Task Post(string slug)

 if (post != null)
 {
- ViewData["afrt"] = _afrt;
 return View(post);
 }

@@ -165,12 +158,12 @@ public async Task DeletePost(string id)
 }

 [Route("/blog/comment/{postId}")]
- [HttpPost]
+ [HttpPost, AutoValidateAntiforgeryToken]
 public async Task AddComment(string postId, Comment comment)
 {
 var post = await _blog.GetPostById(postId);

- if (!ModelState.IsValid || Request.Form["__afrt"] != _afrt.ToString())
+ if (!ModelState.IsValid)
 {
 return View("Post", post);
 }
@@ -191,15 +184,10 @@ public async Task AddComment(string postId, Comment comment)
 return Redirect(post.GetLink() + "#" + comment.ID);
 }

- [Route("/blog/comment/{postId}/{commentId}/{afrt:int}")]
+ [Route("/blog/comment/{postId}/{commentId}")]
 [Authorize]
- public async Task DeleteComment(string postId, string commentId, int afrt)
+ public async Task DeleteComment(string postId, string commentId)
 {
- if (afrt != _afrt)
- {
- return NotFound();
- }
-
 var post = await _blog.GetPostById(postId);

 if (post == null)
diff --git a/src/Startup.cs b/src/Startup.cs
index e7d6c14a..7758d154 100644
--- a/src/Startup.cs
+++ b/src/Startup.cs
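Review bot: `[AutoValidateAntiforgeryToken]` on AddComment only protects the action if the comment form carries a fresh per-visitor token, and this same diff shows output caching registered in Startup.cs. If the Post view that hosts the form is served from that cache (its attributes are outside this hunk, so this is inferred), the hidden token field would be cached with the page and other visitors' submissions would be rejected. Failure behaviour also changes: the filter rejects a bad token before the action runs, instead of re-rendering the view as the old `__afrt` comparison did. I would confirm the form page is excluded from caching or gets its token per request, and record the new behaviour with a comment above the ModelState check, e.g. `// Antiforgery validation is enforced by the action filter before this method runs`. AddComment's body continues outside the hunk.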
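Review bot: DeleteComment loses its only request-forgery check here and nothing replaces it. The action keeps `[Authorize]` but shows no `[HttpPost]` or antiforgery attribute in the visible lines, so it still answers GET, which `AutoValidateAntiforgeryToken` would not validate even if it were applied. A state-changing GET that relies only on the signed-in author's cookie is exposed to cross-site request forgery. I would declare it as `[HttpPost, Authorize, ValidateAntiForgeryToken]` and have the view submit the delete from a form that carries the token rather than from a link. The method body continues outside the hunk, and the view's delete control is not visible in this diff, so the view side needs checking as well.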
@@ -47,6 +47,7 @@ public void ConfigureServices(IServiceCollection services)
 services.TryAddSingleton();
 services.AddMetaWeblog();

+ // Output caching (https://github.com/madskristensen/WebEssentials.AspNetCore.OutputCaching)
 services.AddOutputCaching(options =>
 {
 options.Profiles["default"] = new OutputCacheProfile
@@ -55,6 +56,7 @@ public void ConfigureServices(IServiceCollection services)
 };
 });

+ // Cookie authentication.
 services
 .AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
 .AddCookie(options =>
@@ -63,6 +65,7 @@ public void ConfigureServices(IServiceCollection services)
 options.LogoutPath = "/logout/";
 });

+ // HTML minification (https://github.com/Taritsyn/WebMarkupMin)
 services
 .AddWebMarkupMin(options =>
 {
@@ -74,8 +77,9 @@ public void ConfigureServices(IServiceCollection services)
 options.MinificationSettings.RemoveOptionalEndTags = false;
 options.MinificationSettings.WhitespaceMinificationMode = WhitespaceMinificationMode.Safe;
 });
- services.AddSingleton();
+ services.AddSingleton(); // Used by HTML minifier

+ // Bundling, minification and Sass transpilation (https://github.com/ligershark/WebOptimizer)
 services.AddWebOptimizer(pipeline =>
 {
 pipeline.MinifyJsFiles();
diff --git a/src/Views/Blog/Comments.cshtml b/src/Views/Blog/Comments.cshtml
index fcb7af0a..80d95999 100644
--- a/src/Views/Blog/Comments.cshtml
+++ b/src/Views/Blog/Comments.cshtml
@@ -35,7 +35,7 @@

Be the first to post a comment

} -
+

Post a comment


@@ -51,7 +51,6 @@
-
} diff --git a/src/wwwroot/js/site.js b/src/wwwroot/js/site.js index 6d4d838b..20cca984 100644 --- a/src/wwwroot/js/site.js +++ b/src/wwwroot/js/site.js @@ -25,7 +25,7 @@ function urlify(text) { return text.replace(/(((https?:\/\/)|(www\.))[^\s]+)/g, function (url, b, c) { - var url2 = c == 'www.' ? 'http://' + url : url; + var url2 = c === 'www.' ? 'http://' + url : url; return '' + url + ''; }); }