The WPL site on CodePlex now has the May CTP code only release for the Web Protection Library and a Word document introducing the new extensibility points for the Security Runtime Engine. I haven’t released binaries because it’s just a preview, it is in no way ready for production and I want to discourage you even thinking of that. So why did I make the source available? Simple – feedback. This represents a rewrite of the Security Runtime and a new way for you to easily write plug-ins for it. Rather than simply decide what’s best for our users...
(And yes, I did mean PlugIns – darned FXCop rules) After a couple of weeks of experimentation with code I think I have the plug-in model complete now. As suggested by Travis in the comments on a previous post as many parameters as possible are now using System.Web.Abstractions. Right now there are three main interfaces: /// <summary>
/// Defines methods that must be implemented for request inspection.
/// </summary>
public interface IRequestInspector : ISecurityRuntimePlugIn
{
/// <summary>
/// Inspects an HTTP request for potential problems.
/// </summary>
/// <param name="request">The...