IAntiforgery Interface
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Provides access to the antiforgery system, which provides protection against Cross-site Request Forgery (XSRF, also called CSRF) attacks.
public interface class IAntiforgery
public interface IAntiforgery
type IAntiforgery = interface
Public Interface IAntiforgery
Get |
Generates an AntiforgeryTokenSet for this request and stores the cookie token in the response. This operation also sets the "Cache-control" and "Pragma" headers to "no-cache" and the "X-Frame-Options" header to "SAMEORIGIN". |
Get |
Generates an AntiforgeryTokenSet for this request. |
Is |
Asynchronously returns a value indicating whether the request passes antiforgery validation. If the request uses a safe HTTP method (GET, HEAD, OPTIONS, TRACE), the antiforgery token is not validated. |
Set |
Generates and stores an antiforgery cookie token if one is not available or not valid. |
Validate |
Validates an antiforgery token that was supplied as part of the request. |
Get |
Generates an <input type="hidden"> element for an antiforgery token. |
Product | Versions |
---|---|
ASP.NET Core | 1.0, 1.1, 2.0, 2.1, 2.2, 3.0, 3.1, 5.0, 6.0, 7.0, 8.0, 9.0 |