antiforgerytoken

Prevent Cross-Site Request Forgery (CSRF) Attacks in MVC with AntiForgeryToken

One of the most common security vulnerabilities on any given website is the Cross-Site Request Forgery (CSRF) attack. It's so common that OWASP has regularly included it in its list of the top ten security vulnerabilities. Luckily for us, Microsoft has made this kind of attack very easy to prevent in ASP.NET MVC via the use of AntiForgeryTokens. What is a Cross-Site Request Forgery Attack? Pretend we're doing some online banking. Without logging out of the bank's site or... Read more >