AntiForgery.Validate Method
Validates that input data from an HTML form field comes from the user who submitted the data.
Namespace: System.Web.Helpers
Assembly: System.Web.WebPages (in System.Web.WebPages.dll)
Syntax
'Declaration
Public Shared Sub Validate
'Usage
AntiForgery.Validate()
public static void Validate()
public:
static void Validate()
static member Validate : unit -> unit
public static function Validate()
Exceptions
Exception | Condition |
---|---|
ArgumentException | The current HttpContext value is null reference (Nothing in Visual Basic). |
HttpAntiForgeryException | The HTTP cookie token that accompanies a valid request is missing -or- The form token is missing. -or- The form token value does not match the cookie token value. -or- The form token value does not match the cookie token value. |
Remarks
Call the method to verify that a request was submitted by a legitimate user and that the request was not forged by a malicious script. To use this method, first add a call to the GetHtml() method, which adds a token to an HTML form that can be validated after the page is submitted. If validation fails, the AntiForgery class throws an exception.