Microsoft.AspNetCore.Antiforgery Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Provides types designed to generate and validate tokens to prevent Cross-Site Request Forgery attacks.
Classes
| AntiforgeryOptions |
Provides programmatic configuration for the antiforgery token system. |
| AntiforgeryTokenSet |
The antiforgery token pair (cookie and request token) for a request. |
| AntiforgeryValidationException |
The Exception that is thrown when the antiforgery token validation fails. |
| RequireAntiforgeryTokenAttribute |
An attribute that can be used to indicate whether the antiforgery token must be validated. |
Interfaces
| IAntiforgery |
Provides access to the antiforgery system, which provides protection against Cross-site Request Forgery (XSRF, also called CSRF) attacks. |
| IAntiforgeryAdditionalDataProvider |
Allows providing or validating additional custom data for antiforgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then validate it when the token is validated. |
| IAntiforgeryMetadata |
A marker interface which can be used to identify antiforgery metadata. |
| IAntiforgeryValidationFeature |
Used to set the result of anti-forgery token validation. |
Remarks
For more information about Cross-Site Request Forgery attacks, see Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for