AntiforgeryOptions AntiforgeryOptions Class

Provides programmatic configuration for the antiforgery token system.

Syntax

Declaration

public class AntiforgeryOptionsPublic Class AntiforgeryOptions

Inheritance Hierarchy

  • System.Object
    System.Object
  • AntiforgeryOptions
    AntiforgeryOptions

Inherited Members

Equals(Object),
Equals(Object),
Equals(Object, Object),
Equals(Object, Object),
GetHashCode(),
GetHashCode(),
GetType(),
GetType(),
MemberwiseClone(),
MemberwiseClone(),
ReferenceEquals(Object, Object),
ReferenceEquals(Object, Object),
ToString()
ToString()

Fields summary

The default cookie prefix, which is ".AspNetCore.Antiforgery.".

Properties summary

Specifies the name of the cookie that is used by the antiforgery system.
Specifies the name of the antiforgery token field that is used by the antiforgery system.
Specifies the name of the header value that is used by the antiforgery system. If null then antiforgery validation will only consider form data.
Specifies whether SSL is required for the antiforgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all antiforgery APIs will fail.
Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is 'true', the X-Frame-Options header will not be generated for the response.

Fields

  • DefaultCookiePrefix
    DefaultCookiePrefix
    The default cookie prefix, which is ".AspNetCore.Antiforgery.".
    public static readonly string DefaultCookiePrefixPublic Shared ReadOnly DefaultCookiePrefix As String

Properties

  • CookieName
    CookieName
    Specifies the name of the cookie that is used by the antiforgery system.
    public string CookieName { get; set; }Public Property CookieName As String

    Property Value

    • System.String
      System.String

    Remarks

    If an explicit name is not provided, the system will automatically generate a unique name that begins with DefaultCookiePrefix.
  • FormFieldName
    FormFieldName
    Specifies the name of the antiforgery token field that is used by the antiforgery system.
    public string FormFieldName { get; set; }Public Property FormFieldName As String

    Property Value

    • System.String
      System.String
  • HeaderName
    HeaderName
    Specifies the name of the header value that is used by the antiforgery system. If null then antiforgery validation will only consider form data.
    public string HeaderName { get; set; }Public Property HeaderName As String

    Property Value

    • System.String
      System.String
  • RequireSsl
    RequireSsl
    Specifies whether SSL is required for the antiforgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all antiforgery APIs will fail.
    public bool RequireSsl { get; set; }Public Property RequireSsl As Boolean

    Property Value

    • System.Boolean
      System.Boolean
  • SuppressXFrameOptionsHeader
    SuppressXFrameOptionsHeader
    Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is 'true', the X-Frame-Options header will not be generated for the response.
    public bool SuppressXFrameOptionsHeader { get; set; }Public Property SuppressXFrameOptionsHeader As Boolean

    Property Value

    • System.Boolean
      System.Boolean

Details

Assembly

Microsoft.AspNetCore.Antiforgery.dll