Implementing request varification tokan

Adeel Mirza 121 Reputation points

I have read some articles on preventing cross site requests within an webpage by using request verification token in MVC and ASP.NET Core application.
But is there a way to implement this token in a classic ASP.NET application

A set of technologies in the .NET Framework for building web applications and XML web services.
1,481 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Lan Huang-MSFT 15,211 Reputation points Microsoft Vendor

    Hi @Adeel Mirza ,
    You can implement it like in mvc.

    • Generate a token on the server and store it (e.g. in the session)
    • send token to client
    • The client sends it back to the server along with the "normal" form data
    • Check the token on the server if needed

    You can refer to the following documents:
    Preventing Cross-Site Request Forgery (CSRF) Attacks in ASP.NET MVC Application
    XSRF/CSRF Prevention in ASP.NET MVC and Web Pages
    Best regards,
    Lan Huang

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.