Remove From My Forums

What anti forgery token does?

Question
0

Sign in to vote

User88744855 posted

i like to know briefly What anti forgery token does ? and what kind of security it provides?

thanks

Tuesday, December 2, 2014 1:54 AM

Answers

0

Sign in to vote
User-821857111 posted

It generates a value which is stored in a cookie and a hidden field. When a user posts a form that includes the anti forgery token, ASP.NET checks that the value in the hidden field is the same as the value in the cookie. This prevents cross site request forgery because cookies are restricted to the domain that issued them.

http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Tuesday, December 2, 2014 2:19 AM

All replies

0

Sign in to vote
User-821857111 posted

It generates a value which is stored in a cookie and a hidden field. When a user posts a form that includes the anti forgery token, ASP.NET checks that the value in the hidden field is the same as the value in the cookie. This prevents cross site request forgery because cookies are restricted to the domain that issued them.

http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Tuesday, December 2, 2014 2:19 AM
0

Sign in to vote

User88744855 posted

thanks for reply. can u plzz tell me what is cross site request forgery ? what it does and how one can do the harmful job with cross site request forgery? looking for good discussion. thanks

Tuesday, December 2, 2014 2:49 AM
0

Sign in to vote

User-821857111 posted

Click the link I provided. There's a clear explanation there.

Tuesday, December 2, 2014 2:53 AM