4

Can someone tell me what that attribute means . How does it works ? 

NortwhindEntities db=new NorthwindEntities();

[ValidateAntiForgeryToken]
public ActionResult Save(Product product)
{
  db.Product.Add(product);
  Return View();
}
tereško
  • 57,247
  • 24
  • 95
  • 149
V.B.
  • 69
  • 1
  • 1
  • 6

1 Answers1

17

The ValidateAntiForgeryToken attribute is used to prevent forgery of requests. Request validation is needed to secure your MVC application. It works by adding a new 'Anti Forgery Token' hidden field to your form and a cookie; and then validating/comparing the two in a POST request. Here is an article that explains in more detail how the anti-forgery mechanism works.

Elie
  • 1,120
  • 1
  • 9
  • 16