0

Is it possible to send a CSRF token from the client (standard ASP.NET) to a controller method server side that uses the built in [ValidateAntiForgeryToken]attribute?

We want to mitigate CSRF between a ASP.NET client and MVC Server side controller methods.

codeg
  • 333
  • 1
  • 6
  • 21
  • What are you looking for that's different from using `@Html.AntiForgeryToken()` in a view and `[ValidateAntiForgeryToken]` on the controller method? – Pluto Nov 24 '15 at 19:11
  • Asp.net standard does not have @Html.AntiForgeryToken, that's specific to MVC. I want to call MVC controller methods from a standard Asp.net client UI. – codeg Nov 24 '15 at 19:20
  • There is no such thing as a standard ASP.NET client UI. There is [Web Forms, MVC, and Web Pages](http://stackoverflow.com/a/6150890/1507941). Are you talking about a generic .NET client or are you using one of those frameworks? – Pluto Nov 24 '15 at 19:35
  • .NET WebForms - client side – codeg Nov 24 '15 at 20:59

0 Answers0