Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
797 views
in Technique[技术] by (71.8m points)

asp.net mvc - If I add multiple forms in a single page, do I need to add separate Anti-Forgery Tokens in each form?

If the answer is yes then how would ASP.NET MVC find out that which token was linked to which form and how to validate it?

I've seen it is creating two separate tokens for each form.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

There is nothing specific that you need to do in this case. ASP.NET MVC will simply reuse the same value for all forms so it doesn't need to know which form sent the request in order to validate it. Simply put an Html.AntiForgeryToken() in each form and decorate each controller action you are posting to with the [ValidateAntiForgeryToken] attribute and you should be OK.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...