Udostępnij za pośrednictwem


HtmlHelper.AntiForgeryToken Method (String, String, String)

Generates a hidden form field (anti-forgery token) that is validated when the form is submitted. The field value is generated using the specified salt value, domain, and path.

Namespace:  System.Web.Mvc
Assembly:  System.Web.Mvc (in System.Web.Mvc.dll)

Syntax

'Declaration
Public Function AntiForgeryToken ( _
    salt As String, _
    domain As String, _
    path As String _
) As MvcHtmlString
public MvcHtmlString AntiForgeryToken(
    string salt,
    string domain,
    string path
)
public:
MvcHtmlString^ AntiForgeryToken(
    String^ salt, 
    String^ domain, 
    String^ path
)

Parameters

  • salt
    Type: System.String
    The salt value, which can be any non-empty string.

Return Value

Type: System.Web.Mvc.MvcHtmlString
The generated form field (anti-forgery token).

Remarks

The anti-forgery token can be used to help protect your application against cross-site request forgery. To use this feature, call the AntiForgeryToken method from a form and add the ValidateAntiForgeryTokenAttribute attribute to the action method that you want to protect.

See Also

Reference

HtmlHelper Class

AntiForgeryToken Overload

System.Web.Mvc Namespace