Combining HttpPost and ValidateAntiForgeryToken

Posted by: K. Scott Allen, on 08 Sep 2016 | View original | Bookmarked: 0 time(s)

Ive been kicking around the idea of combining [HttpPost] and [ValidateAntiForgeryToken] in an application using authentication cookies. Both attributes typically appear together to prevent cross-site request forgeries in MVC applications using cookie based authentication. The result looks like the following. [HttpPostWithValidAntiForgeryToken] public IActionResult Edit(Input model) { // ... } And the attribute definition is as follows. public class HttpPostWithValidAntiForgeryToken : Attribute,...

Category: Data | Other Posts: View all posts by this blogger | Report as irrelevant | View bloggers stats | Views: 303 | Hits: 4

News Categories

.NET | Agile | Ajax | Architecture | ASP.NET | BizTalk | C# | Certification | Data | DataGrid | DataSet | Debugger | DotNetNuke | Events | GridView | IIS | Indigo | JavaScript | Mobile | Mono | Patterns and Practices | Performance | Podcast | Refactor | Regex | Security | Sharepoint | Silverlight | Smart Client Applications | Software | SQL | VB.NET | Visual Studio | W3 | WCF | WinFx | WPF | WSE | XAML | XLinq | XML | XSD