It generates a value which is stored in a cookie and a hidden field. When a user posts a form that includes the anti forgery token, ASP.NET checks that the value in the hidden field is the same as the value in the cookie. This prevents cross site request
forgery because cookies are restricted to the domain that issued them.
It generates a value which is stored in a cookie and a hidden field. When a user posts a form that includes the anti forgery token, ASP.NET checks that the value in the hidden field is the same as the value in the cookie. This prevents cross site request
forgery because cookies are restricted to the domain that issued them.
thanks for reply. can u plzz tell me what is cross site request forgery ? what it does and how one can do the harmful job with cross site request forgery? looking for good discussion. thanks