Microsoft.AspNetCore.Antiforgery Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Provides types designed to generate and validate tokens to prevent Cross-Site Request Forgery attacks.
Classes
| AntiforgeryOptions |
Provides programmatic configuration for the antiforgery token system. |
| AntiforgeryTokenSet |
The antiforgery token pair (cookie and request token) for a request. |
| AntiforgeryValidationException |
The Exception that is thrown when the antiforgery token validation fails. |
Interfaces
| IAntiforgery |
Provides access to the antiforgery system, which provides protection against Cross-site Request Forgery (XSRF, also called CSRF) attacks. |
| IAntiforgeryAdditionalDataProvider |
Allows providing or validating additional custom data for antiforgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then validate it when the token is validated. |
Remarks
For more information about Cross-Site Request Forgery attacks, see Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core.