There is an unsaved comment in progress. You will lose your changes if you continue. Are you sure you want to reopen the work item?
Change to Antiforgery Token makes HtmlHelper.AntiForgeryToken less testable.
change in MVC4 RC broke one of our unit tests. In our application, we created an extension method for HtmlHelper which gerneates our sign out link. Our sign out link consists of a form post with a AntiForgeryToken. Our unit test validates that string
returned from the method matches an expected value. We had to search for, and remove the actual AntiForgery token value since it always changes, but the rest of the string is something we could validate. Here is a small code snippet that shows the use of html.AntiForgeryToken().
var form = string.Format(CultureInfo.InvariantCulture, format, html.AttributeEncode(url), html.AttributeEncode(linkText),html.AntiForgeryToken());
In MVC4 RC, the call to AntiForgeryToken(), now uses the parameterless version of AntiForgery.GetHtml(), which in turn throws an exception if HttpContext.Current is null.
We were able to work around this by setting HttpContext.Current to a new HttpContext in our setup method, instead of setting up the ViewContext.HttpContext which we were doing previously (with a fake based on
HttpContextBase). Thankfully we didn't need to setup or mock anything too specific for this test.