The @Html.AntiForgeryToken() helper method protects against cross-site request forgery (CSRF) attacks. To use it, call Html.AntiForgeryToken() inside one of your existing forms and decorate the corresponding controller action with the [ValidateAntiForgeryToken] attribute.
@using (Html.BeginForm("Manage", "Account")) {
    @Html.AntiForgeryToken()
    <!-- ... -->
}
OR
<form method="post">
    @Html.AntiForgeryToken()
    <!-- ... -->
</form>
The target action method:
[ValidateAntiForgeryToken]
[HttpPost]
public ActionResult ActionMethod(ModelObject model)
{
    // ...
}
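The server side of the "Manage" form above, as an added example that is not code from the original page: it pairs the GET and POST actions and reports a failed token check as HTTP 403. ManageViewModel, DisplayName and the trace message are hypothetical names chosen for illustration.

```csharp
using System.Diagnostics;
using System.Web.Mvc;

// Hypothetical view model for the "Manage" form (not from the original page).
public class ManageViewModel
{
    public string DisplayName { get; set; }
}

public class AccountController : Controller
{
    // GET: renders the view that calls @Html.AntiForgeryToken(). The helper
    // writes a hidden __RequestVerificationToken field into the form and sets
    // a companion anti-forgery cookie on the response.
    [HttpGet]
    public ActionResult Manage()
    {
        return View(new ManageViewModel());
    }

    // POST: [ValidateAntiForgeryToken] runs before the action body and throws
    // HttpAntiForgeryException if the cookie or the form field is missing, or
    // if the two tokens do not belong together.
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Manage(ManageViewModel model)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }
        // ... apply the state-changing update here ...
        return RedirectToAction("Manage");
    }

    // Report a failed token check as 403 instead of an unhandled 500, and log it.
    protected override void OnException(ExceptionContext filterContext)
    {
        if (filterContext.Exception is HttpAntiForgeryException)
        {
            Trace.TraceWarning("Anti-forgery validation failed for {0}",
                filterContext.HttpContext.Request.Url.AbsolutePath);
            filterContext.Result = new HttpStatusCodeResult(403, "Forbidden");
            filterContext.ExceptionHandled = true;
            return;
        }
        base.OnException(filterContext);
    }
}
```

The GET action carries no [ValidateAntiForgeryToken] because it changes no state; only state-changing POST actions need the check.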