We need to add [ValidateAntiForgeryToken] attribute before our action. And also should add @Html.AntiForgeryToken() in our form.
We don't need to use [ValidateAntiForgeryToken] attribute for the GET actions. Use POST request from page which was generated by our application. This attack called cross site request forgeries. When we use It will prevent from forgeries.
Controller:
[HttpPost][AllowAnonymous][ValidateAntiForgeryToken]public ActionResult Login(UserLogin userlogin){<!--/ Check Login -->}
The View:
@using (@Html.BeginForm("Login", "Admin", FormMethod.Post)){@Html.AntiForgeryToken()<input name="..." type="text" />}
Post your comments / questions
Recent Article
- How to fix "Jupyter notebook not opening problem"
- How to fix Task host windows prevents shutdown in windows 10
- Missing Module Docstring Pylint Error in Visual Studio Code
- Python was not found. run without arguments to install from the Microsoft Store - SOLVED
- How to set background for text using Graphics.DrawRectangle in c#?
- How to replace button click event with keyboard shortcuts - JQuery
- Attempted import error: 'Switch' is not exported from 'react-router-dom' - ReactJS
- How to dynamically change the image source using jQuery?
Related Article