Export (0) Print
Expand All

FormDigest Class

Windows SharePoint Services 3

Inserts a security validation within the form of an .aspx page.

Namespace:  Microsoft.SharePoint.WebControls
Assembly:  Microsoft.SharePoint (in Microsoft.SharePoint.dll)

[SharePointPermissionAttribute(SecurityAction.LinkDemand, ObjectModel = true)]
[AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)]
[SharePointPermissionAttribute(SecurityAction.InheritanceDemand, ObjectModel = true)]
[AspNetHostingPermissionAttribute(SecurityAction.InheritanceDemand, Level = AspNetHostingPermissionLevel.Minimal)]
public class FormDigest : SPControl

To make posts from a Web application that modify the contents of the database, you must include the FormDigest control in the form making the post. The FormDigest control generates a security validation, or message digest, to help prevent the type of attack whereby a user is tricked into posting data to the server without knowing it. The security validation is specific to a user, site, and time period and expires after a configurable amount of time. When the user requests a page, the server returns the page with security validation inserted. When the user then submits the form, the server verifies that the security validation has not changed.

For more information on security validation, see Security Validation and Making Posts to Update Data.

The following code example shows a form that contains the FormDigest control.


<form id="Form1" method="post" runat="server">
   <SharePoint:FormDigest runat="server"/>
   <asp:Button id="Button1" style="Z-INDEX: 101; LEFT: 282px; POSITION: absolute; 
      TOP: 282px" runat="server" Text="Button"></asp:Button>
</form>

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Community Additions

ADD
Show:
© 2014 Microsoft