What is the use of @ Html.AntiForgeryToken ()?

Question

What is the use of @ Html.AntiForgeryToken ()?

Why do we need to use @Html.AntiForgeryToken()? I searched, but I did not get a satisfactory answer.

+31

asp.net-mvc html.beginform

Mhd Jun 27 '17 at 15:03

source share

3 answers

MVC. -10 OWASP -. @Html.AntiforgeryToken() , .

+10

Jordi Corbilla 27 . '17 15:09

@Html.AntiForgeryToken()?

Live - :

, . , , URL . . . , , , . , URL .

AntiForgeryToken() , .

+2

Arun Kumar Tiwari 30 sept '19 at 7:08

source share

Dynamikus · Accepted Answer · 2017-06-27T15:13:40+0000

This is a security feature that helps protect your application from fake subpages.

Example:

Suppose you have a registration function in your web application. You have an AccountController (somename.com/account/register) where you expect people to submit their information. Usually, before someone submits registration information, you need to visit the actual (somename.com/account/register) than submit the form.

, , , , , - (somename.com/account/register) . , , AntiForgeryToken, , , .

: (http://www.binaryintellect.net/articles/20e546b4-3ae9-416b-878e-5b12434fe7a6.aspx)

What is the use of @ Html.AntiForgeryToken ()?

More articles: