4

Can someone tell me what that attribute means . How does it works ? 

NortwhindEntities db=new NorthwindEntities();

[ValidateAntiForgeryToken]
public ActionResult Save(Product product)
{
  db.Product.Add(product);
  Return View();
}
tereško
  • 58,060
  • 25
  • 98
  • 150
V.B.
  • 69
  • 1
  • 1
  • 6

1 Answers1

17

The ValidateAntiForgeryToken attribute is used to prevent forgery of requests. Request validation is needed to secure your MVC application. It works by adding a new 'Anti Forgery Token' hidden field to your form and a cookie; and then validating/comparing the two in a POST request. Here is an article that explains in more detail how the anti-forgery mechanism works.

Elie
  • 1,140
  • 2
  • 9
  • 16