Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

HtmlHelper.AntiForgeryToken Method (String, String, String)

Note: This API is now obsolete.

Generates a hidden form field (anti-forgery token) that is validated when the form is submitted. The field value is generated using the specified salt value, domain, and path.

Namespace:  System.Web.Mvc
Assembly:  System.Web.Mvc (in System.Web.Mvc.dll)

[ObsoleteAttribute("This method is deprecated. Use the AntiForgeryToken() method instead. To specify a custom domain for the generated cookie, use the <httpCookies> configuration element. To specify custom data to be embedded within the token, use the static AntiForgeryConfig.AdditionalDataProvider property.", 
	true)]
public MvcHtmlString AntiForgeryToken(
	string salt,
	string domain,
	string path
)

Parameters

salt
Type: System.String
The salt value, which can be any non-empty string.
domain
Type: System.String
The application domain.
path
Type: System.String
The virtual path.

Return Value

Type: System.Web.Mvc.MvcHtmlString
The generated form field (anti-forgery token).

The anti-forgery token can be used to help protect your application against cross-site request forgery. To use this feature, call the AntiForgeryToken method from a form and add the ValidateAntiForgeryTokenAttribute attribute to the action method that you want to protect.

Show:
© 2015 Microsoft