jamescrowley/AntiForgeryTokenFilter.cs

## AntiForgeryTokenFilter.cs
public class AntiForgeryTokenFilter : IAuthorizationFilter
{
    public void OnAuthorization(AuthorizationContext filterContext)
    {
        if (IsHttpPostRequest(filterContext) && !SkipCsrfCheck(filterContext))
            AntiForgery.Validate();
    }

    private static bool IsHttpPostRequest(AuthorizationContext filterContext)
    {
        return filterContext.RequestContext.HttpContext.Request.HttpMethod == HttpMethod.Post.ToString();
    }

    private static bool SkipCsrfCheck(AuthorizationContext filterContext)
    {
        return filterContext.ActionDescriptor.GetCustomAttributes(typeof (SkipCSRFCheck), false).Any();
    }
}

## SkipCSRFCheck.cs
public class SkipCSRFCheck : Attribute
{
}
	public class AntiForgeryTokenFilter : IAuthorizationFilter
	{
	public void OnAuthorization(AuthorizationContext filterContext)
	{
	if (IsHttpPostRequest(filterContext) && !SkipCsrfCheck(filterContext))
	AntiForgery.Validate();
	}

	private static bool IsHttpPostRequest(AuthorizationContext filterContext)
	{
	return filterContext.RequestContext.HttpContext.Request.HttpMethod == HttpMethod.Post.ToString();
	}

	private static bool SkipCsrfCheck(AuthorizationContext filterContext)
	{
	return filterContext.ActionDescriptor.GetCustomAttributes(typeof (SkipCSRFCheck), false).Any();
	}
	}