HtmlHelper.AntiForgeryToken Method (String, String, String)
Generates a hidden form field (anti-forgery token) that is validated when the form is submitted. The field value is generated using the specified salt value, domain, and path.
Namespace: System.Web.Mvc
Assembly: System.Web.Mvc (in System.Web.Mvc.dll)
Syntax
'Declaration
Public Function AntiForgeryToken ( _
salt As String, _
domain As String, _
path As String _
) As MvcHtmlString
public MvcHtmlString AntiForgeryToken(
string salt,
string domain,
string path
)
public:
MvcHtmlString^ AntiForgeryToken(
String^ salt,
String^ domain,
String^ path
)
Parameters
- salt
Type: System.String
The salt value, which can be any non-empty string.
- domain
Type: System.String
The application domain.
- path
Type: System.String
The virtual path.
Return Value
Type: System.Web.Mvc.MvcHtmlString
The generated form field (anti-forgery token).
Remarks
The anti-forgery token can be used to help protect your application against cross-site request forgery. To use this feature, call the AntiForgeryToken method from a form and add the ValidateAntiForgeryTokenAttribute attribute to the action method that you want to protect.