Share via

IAntiforgeryAdditionalDataProvider Interface

  • Reference

Definition

Namespace:
Microsoft.AspNetCore.Antiforgery
Assembly:
Microsoft.AspNetCore.Antiforgery.dll
Package:
Microsoft.AspNetCore.Antiforgery v1.0.0
Package:
Microsoft.AspNetCore.Antiforgery v1.1.0
Package:
Microsoft.AspNetCore.Antiforgery v2.0.0
Package:
Microsoft.AspNetCore.Antiforgery v2.1.0
Package:
Microsoft.AspNetCore.Antiforgery v2.2.0
Package:
Microsoft.AspNetCore.App.Ref v3.0.1
Package:
Microsoft.AspNetCore.App.Ref v3.1.10
Package:
Microsoft.AspNetCore.App.Ref v5.0.0
Package:
Microsoft.AspNetCore.App.Ref v6.0.6
Package:
Microsoft.AspNetCore.App.Ref v7.0.5
Package:
Microsoft.AspNetCore.App.Ref v8.0.0
Package:
Microsoft.AspNetCore.App.Ref v9.0.0-rc.2.24474.3
Source:
IAntiforgeryAdditionalDataProvider.cs

Allows providing or validating additional custom data for antiforgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then validate it when the token is validated.

public interface class IAntiforgeryAdditionalDataProvider
public interface IAntiforgeryAdditionalDataProvider
type IAntiforgeryAdditionalDataProvider = interface
Public Interface IAntiforgeryAdditionalDataProvider

Remarks

The antiforgery system already embeds the client's username within the generated tokens. This interface provides and consumes supplemental data. If an incoming antiforgery token contains supplemental data but no additional data provider is configured, the supplemental data will not be validated.

Methods

GetAdditionalData(HttpContext)

Provides additional data to be stored for the antiforgery tokens generated during this request.
ValidateAdditionalData(HttpContext, String)

Validates additional data that was embedded inside an incoming antiforgery token.

Applies to