Antiforgery

src/Antiforgery/src/Internal/AntiforgeryFeature.cs

@@ -6,7 +6,7 @@ namespace Microsoft.AspNetCore.Antiforgery;
 /// <summary>
 /// Used to hold per-request state.
 /// </summary>
-internal class AntiforgeryFeature : IAntiforgeryFeature
+internal sealed class AntiforgeryFeature : IAntiforgeryFeature
 {
     public bool HaveDeserializedCookieToken { get; set; }
 

src/Antiforgery/src/Internal/AntiforgeryOptionsSetup.cs

@@ -9,7 +9,7 @@
 
 namespace Microsoft.AspNetCore.Antiforgery;
 
-internal class AntiforgeryOptionsSetup : IConfigureOptions<AntiforgeryOptions>
+internal sealed class AntiforgeryOptionsSetup : IConfigureOptions<AntiforgeryOptions>
 {
     private readonly DataProtectionOptions _dataProtectionOptions;
 

src/Antiforgery/src/Internal/AntiforgerySerializationContext.cs

@@ -5,7 +5,7 @@
 
 namespace Microsoft.AspNetCore.Antiforgery;
 
-internal class AntiforgerySerializationContext
+internal sealed class AntiforgerySerializationContext
 {
     // Avoid allocating 256 bytes (the default) and using 18 (the AntiforgeryToken minimum). 64 bytes is enough for
     // a short username or claim UID and some additional data. MemoryStream bumps capacity to 256 if exceeded.

src/Antiforgery/src/Internal/AntiforgerySerializationContextPooledObjectPolicy.cs

@@ -5,7 +5,7 @@
 
 namespace Microsoft.AspNetCore.Antiforgery;
 
-internal class AntiforgerySerializationContextPooledObjectPolicy : IPooledObjectPolicy<AntiforgerySerializationContext>
+internal sealed class AntiforgerySerializationContextPooledObjectPolicy : IPooledObjectPolicy<AntiforgerySerializationContext>
 {
     public AntiforgerySerializationContext Create()
     {

src/Antiforgery/src/Internal/DefaultAntiforgery.cs

@@ -14,7 +14,7 @@ namespace Microsoft.AspNetCore.Antiforgery;
 /// Provides access to the antiforgery system, which provides protection against
 /// Cross-site Request Forgery (XSRF, also called CSRF) attacks.
 /// </summary>
-internal class DefaultAntiforgery : IAntiforgery
+internal sealed class DefaultAntiforgery : IAntiforgery
 {
     private readonly AntiforgeryOptions _options;
     private readonly IAntiforgeryTokenGenerator _tokenGenerator;
@@ -373,7 +373,7 @@ private IAntiforgeryFeature GetTokensInternal(HttpContext httpContext)
     /// Sets the 'Cache-Control' header to 'no-cache, no-store' and 'Pragma' header to 'no-cache' overriding any user set value.
     /// </summary>
     /// <param name="httpContext">The <see cref="HttpContext"/>.</param>
-    protected virtual void SetDoNotCacheHeaders(HttpContext httpContext)
+    private void SetDoNotCacheHeaders(HttpContext httpContext)
     {
         var logWarning = false;
         var responseHeaders = httpContext.Response.Headers;

src/Antiforgery/src/Internal/DefaultAntiforgeryAdditionalDataProvider.cs

@@ -8,7 +8,7 @@ namespace Microsoft.AspNetCore.Antiforgery;
 /// <summary>
 /// A default <see cref="IAntiforgeryAdditionalDataProvider"/> implementation.
 /// </summary>
-internal class DefaultAntiforgeryAdditionalDataProvider : IAntiforgeryAdditionalDataProvider
+internal sealed class DefaultAntiforgeryAdditionalDataProvider : IAntiforgeryAdditionalDataProvider
 {
     /// <inheritdoc />
     public string GetAdditionalData(HttpContext context)

src/Antiforgery/src/Internal/DefaultAntiforgeryTokenGenerator.cs

@@ -8,7 +8,7 @@
 
 namespace Microsoft.AspNetCore.Antiforgery;
 
-internal class DefaultAntiforgeryTokenGenerator : IAntiforgeryTokenGenerator
+internal sealed class DefaultAntiforgeryTokenGenerator : IAntiforgeryTokenGenerator
 {
     private readonly IClaimUidExtractor _claimUidExtractor;
     private readonly IAntiforgeryAdditionalDataProvider _additionalDataProvider;

src/Antiforgery/src/Internal/DefaultAntiforgeryTokenSerializer.cs

@@ -7,7 +7,7 @@
 
 namespace Microsoft.AspNetCore.Antiforgery;
 
-internal class DefaultAntiforgeryTokenSerializer : IAntiforgeryTokenSerializer
+internal sealed class DefaultAntiforgeryTokenSerializer : IAntiforgeryTokenSerializer
 {
     private const string Purpose = "Microsoft.AspNetCore.Antiforgery.AntiforgeryToken.v1";
     private const byte TokenVersion = 0x01;

src/Antiforgery/src/Internal/DefaultAntiforgeryTokenStore.cs

@@ -8,7 +8,7 @@
 
 namespace Microsoft.AspNetCore.Antiforgery;
 
-internal class DefaultAntiforgeryTokenStore : IAntiforgeryTokenStore
+internal sealed class DefaultAntiforgeryTokenStore : IAntiforgeryTokenStore
 {
     private readonly AntiforgeryOptions _options;
 

src/Antiforgery/src/Internal/DefaultClaimUidExtractor.cs

@@ -11,7 +11,7 @@ namespace Microsoft.AspNetCore.Antiforgery;
 /// <summary>
 /// Default implementation of <see cref="IClaimUidExtractor"/>.
 /// </summary>
-internal class DefaultClaimUidExtractor : IClaimUidExtractor
+internal sealed class DefaultClaimUidExtractor : IClaimUidExtractor
 {
     private readonly ObjectPool<AntiforgerySerializationContext> _pool;