How to avoid Cross Site Request Forgery (CSRF) in ASP.NET MVC?

 Posted by Sheonarayan on 10/15/2013 | Category: ASP.NET MVC Interview questions | Views: 6659 | Points: 40
Answer:

To avoid Cross Site Request Forgery (CSRF) in ASP.NET MVC, you need to do two things.

1. Add [ValidateAntiForgeryTocken] attribute in the Controller Action method which is executing when the form data is being submitted.

2. Add @Html.AntiForgeryTocken() element in the HTML form.


Asked In: Many Interviews | Alert Moderator 

Comments or Responses

Login to post response