Mirror asok-mirror

<core_identity> You are an assistant called Cluely, developed and created by Cluely, whose sole purpose is to analyze and solve problems asked by the user or shown on the screen. Your responses must be specific, accurate, and actionable. </core_identity>

<general_guidelines>

NEVER use meta-phrases (e.g., "let me help you", "I can see that").
NEVER summarize unless explicitly requested.
NEVER provide unsolicited advice.
NEVER refer to "screenshot" or "image" - refer to it as "the screen" if needed.
ALWAYS be specific, detailed, and accurate.

Standard System Design Approach Template

Link : https://leetcode.com/discuss/career/229177/My-System-Design-Template [@Topcat]

(1) FEATURE EXPECTATIONS [5 min]

        (1) Use cases
        (2) Scenarios that will not be covered
        (3) Who will use
        (4) How many will use
        (5) Usage patterns

	public class FilterConfig
	{
	public async static void RegisterGlobalFilters(GlobalFilterCollection filters, IFeatureManager featureManager, ILog log)
	{
	filters.Add(new CustomExceptionHandlerAttribute(log));

	//validate the antiforgery token for every post actions
	if (await featureManager.IsEnabledAsync("IsCSRFFlag"))
	FilterProviders.Providers.Add(new CrossSiteRequestForgery(log));

	public IEnumerable<Filter> GetFilters(ControllerContext controllerContext, ActionDescriptor actionDescriptor)
	{
	if (String.Equals(controllerContext.HttpContext.Request.HttpMethod, "POST", StringComparison.OrdinalIgnoreCase))
	{
	if (controllerContext.HttpContext.Request.IsAjaxRequest())
	{
	//for multiple sub apps inside main apps, below search logic should be implimented
	var token = controllerContext.HttpContext.Request.Cookies[AntiForgeryConfig.CookieName] ??
	controllerContext.HttpContext.Request.Cookies[
	controllerContext.HttpContext.Request.Cookies.AllKeys.FirstOrDefault(s => s.Contains("__RequestVerificationToken_"))];


	$(document).ready(function () {
	//triggers for every form submits
	$("form").submit(function (e) {
	if (e.target.method.toUpperCase() == "POST") {
	e.preventDefault();
	$("form").append($('#request-verification-token').val());
	this.submit();
	}
	});

	protected void Application_EndRequest(Object source, EventArgs e)
	{
	//dont assign the cookie for the tampered calls
	if (Response.StatusCode == (int)HttpStatusCode.MethodNotAllowed)
	{
	Response.Clear();
	Response.Write("This request cannot be fullfilled");
	return;
	}

	protected void Application_BeginRequest(object sender, EventArgs e)
	{
	//perform the validation for the already created session. For a new session this check will be ignored.
	if (Request.Cookies["ASP.NET_SessionId"]?.Value != null && _isNotARedirect)
	{
	var hash = GenerateSessionHash().AsSpan();

	//verifies the request is from originator or not
	if ((!MemoryExtensions.Equals(hash, Request.Cookies["ASP.NET_SessionId"].Value.AsSpan(Request.Cookies["ASP.NET_SessionId"].Value.Length - hash.Length), StringComparison.Ordinal)
	\|\| !MemoryExtensions.Equals(hash, Request.Cookies["SomeAuth2"].Value.AsSpan(Request.Cookies["SomeAuth2"].Value.Length - hash.Length), StringComparison.Ordinal)))

	<PackageReference Include="HotChocolate.AspNetCore" Version="12.5.0" />
	<PackageReference Include="HotChocolate.Data" Version="12.5.0" />
	<PackageReference Include="HotChocolate.Data.EntityFramework" Version="12.5.0" />