IAntiforgeryAdditionalDataProvider IAntiforgeryAdditionalDataProvider IAntiforgeryAdditionalDataProvider Interface

Definition

Allows providing or validating additional custom data for antiforgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then he could validate the nonce when the token is validated.

public interface IAntiforgeryAdditionalDataProvider
type IAntiforgeryAdditionalDataProvider = interface
Public Interface IAntiforgeryAdditionalDataProvider
Derived

Remarks

The antiforgery system already embeds the client's username within the generated tokens. This interface provides and consumes supplemental data. If an incoming antiforgery token contains supplemental data but no additional data provider is configured, the supplemental data will not be validated.

Methods

GetAdditionalData(HttpContext) GetAdditionalData(HttpContext) GetAdditionalData(HttpContext)

Provides additional data to be stored for the antiforgery tokens generated during this request.

ValidateAdditionalData(HttpContext, String) ValidateAdditionalData(HttpContext, String) ValidateAdditionalData(HttpContext, String)

Validates additional data that was embedded inside an incoming antiforgery token.

Applies to