Inserts a security validation within the form of an .aspx page.
Assembly: Microsoft.SharePoint (in Microsoft.SharePoint.dll)
[SharePointPermissionAttribute(SecurityAction.LinkDemand, ObjectModel = true)] [AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level = AspNetHostingPermissionLevel.Minimal)] [SharePointPermissionAttribute(SecurityAction.InheritanceDemand, ObjectModel = true)] [AspNetHostingPermissionAttribute(SecurityAction.InheritanceDemand, Level = AspNetHostingPermissionLevel.Minimal)] public class FormDigest : SPControl
To make posts from a Web application that modify the contents of the database, you must include the FormDigest control in the form making the post. The FormDigest control generates a security validation, or message digest, to help prevent the type of attack whereby a user is tricked into posting data to the server without knowing it. The security validation is specific to a user, site, and time period and expires after a configurable amount of time. When the user requests a page, the server returns the page with security validation inserted. When the user then submits the form, the server verifies that the security validation has not changed.
For more information on security validation, see Security Validation and Making Posts to Update Data.
The following code example shows a form that contains the FormDigest control.
<form id="Form1" method="post" runat="server"> <SharePoint:FormDigest runat="server"/> <asp:Button id="Button1" style="Z-INDEX: 101; LEFT: 282px; POSITION: absolute; TOP: 282px" runat="server" Text="Button"></asp:Button> </form>