Menu
How to use many @Html.AntiForgeryToken() in one page?
When I put it doesn't work on the remote host, only locally!
I tried to use different strings foreach forgery token
@Html.AntiForgeryToken("logoff_forgery") but when I add [ValidateAntiForgeryToken(Salt = "logoff_forgery")] in the controller, I get this following error
'System.Web.Mvc.ValidateAntiForgeryTokenAttribute.Salt'
'The 'Salt' property is deprecated.
To specify custom data to be embedded within the token,
use the static AntiForgeryConfig.AdditionalDataProvider property.'
D:\projects\codesan\app\CodeSan\CodeSan\Controllers\AccountController.cs
289 35 CodeSan
Does anyone know how to use the static AntiForgeryConfig.AdditionalDataProvider ? If yes please share it with me.
543
As it states in the description Salt property is deprecated.
Here is a simple implementation for IAntiForgeryAdditionalDataProvider
public class MyAntiForgeryAdditionalDataProvider : IAntiForgeryAdditionalDataProvider
{
public string GetAdditionalData(HttpContextBase context)
{
return GenerateTokenAndSaveItToTheDB();
}
public bool ValidateAdditionalData(HttpContextBase context, string additionalData)
{
Guid token = Guid.TryParse(additionalData, out token) ? token : Guid.Empty;
if (token == Guid.Empty) return false;
return GetIfTokenIsFoundInTheDBAndNotExpired(token);
}
private string GenerateTokenAndSaveItToTheDB()
{
var newToken = Guid.NewGuid().ToString();
//save it to the db
return newToken;
}
}
And you simply register it in the Global.asax.cs
protected void Application_Start()
{
AntiForgeryConfig.AdditionalDataProvider = new MyAntiForgeryAdditionalDataProvider();
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
