Proposal: Modify the way AntiForgeryToken works to allow for proxy caching

Topics: General
Sep 29, 2011 at 8:04 PM

I'd like to propose that we build some functionality into the Orchard core to allow for reverse-proxy-caching of pages that use forms. A proxy that supports web fetch/edge side includes could call back to a service to retrive an AntiForgeryToken that would allow aggressive caching while still preventing form forgery. I haven't thought through entirely how this would work, but I imagine it would be similar to what Sebastien is doing in his Caching module.