Microsoft.AspNetCore.Antiforgery Namespace

Provides types designed to generate and validate tokens to prevent Cross-Site Request Forgery attacks.

Classes

AntiforgeryOptions

Provides programmatic configuration for the antiforgery token system.

AntiforgeryTokenSet

The antiforgery token pair (cookie and request token) for a request.

AntiforgeryValidationException

The Exception that is thrown when the antiforgery token validation fails.

RequireAntiforgeryTokenAttribute

An attribute that can be used to indicate whether the antiforgery token must be validated.

Interfaces

IAntiforgery

Provides access to the antiforgery system, which provides protection against Cross-site Request Forgery (XSRF, also called CSRF) attacks.

IAntiforgeryAdditionalDataProvider

Allows providing or validating additional custom data for antiforgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then validate it when the token is validated.

IAntiforgeryMetadata

A marker interface which can be used to identify antiforgery metadata.

IAntiforgeryValidationFeature

Used to set the result of anti-forgery token validation.

Remarks

For more information about Cross-Site Request Forgery attacks, see Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core.