Adding ASP.NET MVC Anti-Forgery Tokens To All Post Requests Globally
This post is how to implement anti forgery validation with ASP.NET MVC. The anti-forgery token can be used to help protect your application against cross-site request forgery. To use this feature, call the AntiForgeryToken method from a form and add the ValidateAntiForgeryTokenAttribute attribute to the action method that you want to protect. It'll be always good to avoid repetitive coding, especially when the framework is flexible enough to avoid it. Below is my solution to to create a flexible solution to validate all post operations. Next step will be to register the above filter globally with GlobalFilterCollection in Global.asax: All of our post operations are now checked for forgery; however, this will fail because we haven’t added our token globally. To enable AntiForgeryToken in client side, I added a @Html.AntiForgeryToken() element in the Index.cshtml file. You can do it _layout.cshtml as well. This will render the...