What is a .AspNetCore.Antiforgery.xxxxxxx cookie in .Net Core?

Question

What is a .AspNetCore.Antiforgery.xxxxxxx cookie in .Net Core?

I tried to use the ValidateAntiForgeryToken in .Net Core, but I was getting a .AspNetCore.Antiforgery.xxxxxxx cookie.

What is a .AspNetCore.Antiforgery.xxxxxxx cookie?

+4

c # .net asp.net-core .net-core antiforgerytoken

Sharif mamun Sep 13 '17 at 23:57

source share

1 answer

Set · Accepted Answer · 2017-09-14T05:29:41+0000

ASP.NET Core searches this cookie to find the X-CSRF token.

ValidateAntiForgeryToken is an action filter in which requests made with actions that apply this filter will be blocked if the request does not contain a valid antiforgery token.

Typically, ASP.NET Core can look for a token in a cookie or header. So you may have a situation where

cookie
cookie , ASP.NET.

ASP.NET cookie, DefaultCookiePrefix ( ".AspNetCore.Antiforgery." ).

, antiforgery CookieName:

services.AddAntiforgery(options => options.CookieName = "X-CSRF-TOKEN-COOKIENAME");

, :

services.AddAntiforgery(options => options.HeaderName = "X-XSRF-TOKEN");

:

What is a .AspNetCore.Antiforgery.xxxxxxx cookie in .Net Core?

More articles: