AntiForgery.GetHtml Method

Adds an authenticating token to a form to help protect against request forgery.

Namespace:  System.Web.Helpers
Assembly:  System.Web.WebPages (in System.Web.WebPages.dll)

public static HtmlString GetHtml()

Return Value

Type: System.Web.HtmlString
Returns a string that contains the encrypted token value in a hidden HTML field.


The current System.Web.HttpContext object is null.

Call this method to create an encrypted token that is added to an HTML form as a hidden field. After the page has been submitted, you can call the Validate() method to check the token value and validate that the submitted data comes from a valid user.

Use the GetHtml method overload when you do not have to specify any additional parameters for the method. If you want to specify parameters (such as a salt value for enhanced encryption, a virtual application path, or a domain within which to validate the request), use the GetHtml overload.