Export (0) Print
Expand All

HtmlHelper.AntiForgeryToken Method (String, String, String)

Note: This API is now obsolete.

Generates a hidden form field (anti-forgery token) that is validated when the form is submitted. The field value is generated using the specified salt value, domain, and path.

Namespace:  System.Web.Mvc
Assembly:  System.Web.Mvc (in System.Web.Mvc.dll)

[ObsoleteAttribute("This method is deprecated. Use the AntiForgeryToken() method instead. To specify a custom domain for the generated cookie, use the <httpCookies> configuration element. To specify custom data to be embedded within the token, use the static AntiForgeryConfig.AdditionalDataProvider property.", 
	true)]
public MvcHtmlString AntiForgeryToken(
	string salt,
	string domain,
	string path
)

Parameters

salt
Type: System.String
The salt value, which can be any non-empty string.
domain
Type: System.String
The application domain.
path
Type: System.String
The virtual path.

Return Value

Type: System.Web.Mvc.MvcHtmlString
The generated form field (anti-forgery token).

The anti-forgery token can be used to help protect your application against cross-site request forgery. To use this feature, call the AntiForgeryToken method from a form and add the ValidateAntiForgeryTokenAttribute attribute to the action method that you want to protect.

Show:
© 2014 Microsoft