Hi @Adeel Mirza ,
You can implement it like in asp.net mvc.
- Generate a token on the server and store it (e.g. in the session)
- send token to client
- The client sends it back to the server along with the "normal" form data
- Check the token on the server if needed
You can refer to the following documents:
Preventing Cross-Site Request Forgery (CSRF) Attacks in ASP.NET MVC Application
https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/preventing-cross-site-request-forgery-csrf-attacks
XSRF/CSRF Prevention in ASP.NET MVC and Web Pages
https://learn.microsoft.com/en-us/aspnet/mvc/overview/security/xsrfcsrf-prevention-in-aspnet-mvc-and-web-pages
Best regards,
Lan Huang
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.