How to extend or override BeginForm to include a AntiForgeryToken field

前端未结

关注

 1  876

被撕碎了的回忆 2021-02-04 08:06

I was reading this article (http://weblogs.asp.net/dixin/archive/2010/05/22/anti-forgery-request-recipes-for-asp-net-mvc-and-ajax.aspx) about how to prevent CSRF attacks. It se

1条回答

深忆病人 (楼主)

2021-02-04 08:44

You should use this instead, to place the token at the right place, after the form :

public static MvcForm BeginAntiForgeryForm(this HtmlHelper htmlHelper)
    {
        var mvcForm = htmlHelper.BeginForm();
        htmlHelper.ViewContext.Writer.Write(htmlHelper.AntiForgeryToken().ToHtmlString());
        return mvcForm;
    }

0 讨论(0)