AntiForgeryConfig AntiForgeryConfig AntiForgeryConfig Class


Provides programmatic configuration for the anti-forgery token system.

public static class AntiForgeryConfig
type AntiForgeryConfig = class
Public Class AntiForgeryConfig


AdditionalDataProvider AdditionalDataProvider AdditionalDataProvider

Gets a data provider that can provide additional data to put into all generated tokens and that can validate additional data in incoming tokens.

CookieName CookieName CookieName

Gets or sets the name of the cookie that is used by the anti-forgery system.

RequireSsl RequireSsl RequireSsl

Gets or sets a value that indicates whether the anti-forgery cookie requires SSL in order to be returned to the server.

SuppressIdentityHeuristicChecks SuppressIdentityHeuristicChecks SuppressIdentityHeuristicChecks

Gets or sets a value that indicates whether the anti-forgery system should skip checking for conditions that might indicate misuse of the system.

SuppressXFrameOptionsHeader SuppressXFrameOptionsHeader SuppressXFrameOptionsHeader

Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is 'true', the X-Frame-Options header will not be generated for the response.

UniqueClaimTypeIdentifier UniqueClaimTypeIdentifier UniqueClaimTypeIdentifier

If claims-based authorization is in use, gets or sets the claim type from the identity that is used to uniquely identify the user.

Applies to