Share via

IAntiforgery Interface

  • Reference

Definition

Namespace:
Microsoft.AspNetCore.Antiforgery
Assembly:
Microsoft.AspNetCore.Antiforgery.dll
Package:
Microsoft.AspNetCore.Antiforgery v1.0.0
Package:
Microsoft.AspNetCore.Antiforgery v1.1.0
Package:
Microsoft.AspNetCore.Antiforgery v2.0.0
Package:
Microsoft.AspNetCore.Antiforgery v2.1.0
Package:
Microsoft.AspNetCore.Antiforgery v2.2.0
Package:
Microsoft.AspNetCore.App.Ref v3.0.1
Package:
Microsoft.AspNetCore.App.Ref v3.1.10
Package:
Microsoft.AspNetCore.App.Ref v5.0.0
Package:
Microsoft.AspNetCore.App.Ref v6.0.6
Package:
Microsoft.AspNetCore.App.Ref v7.0.5
Package:
Microsoft.AspNetCore.App.Ref v8.0.0
Package:
Microsoft.AspNetCore.App.Ref v9.0.0-rc.2.24474.3
Source:
IAntiforgery.cs

Provides access to the antiforgery system, which provides protection against Cross-site Request Forgery (XSRF, also called CSRF) attacks.

public interface class IAntiforgery
public interface IAntiforgery
type IAntiforgery = interface
Public Interface IAntiforgery

Methods

GetAndStoreTokens(HttpContext)

Generates an AntiforgeryTokenSet for this request and stores the cookie token in the response. This operation also sets the "Cache-control" and "Pragma" headers to "no-cache" and the "X-Frame-Options" header to "SAMEORIGIN".
GetTokens(HttpContext)

Generates an AntiforgeryTokenSet for this request.
IsRequestValidAsync(HttpContext)

Asynchronously returns a value indicating whether the request passes antiforgery validation. If the request uses a safe HTTP method (GET, HEAD, OPTIONS, TRACE), the antiforgery token is not validated.
SetCookieTokenAndHeader(HttpContext)

Generates and stores an antiforgery cookie token if one is not available or not valid.
ValidateRequestAsync(HttpContext)

Validates an antiforgery token that was supplied as part of the request.

Extension Methods

GetHtml(IAntiforgery, HttpContext)

Generates an <input type="hidden"> element for an antiforgery token.

Applies to