100% Free
🎯 3200+ Questions. One Goal: Your Success Sign In Sign Up

What is Anti-Forgery and why is it required?

Junior .NET Core

Answer

Anti-forgery protection defends against Cross-Site Request Forgery (CSRF) attacks.

ASP.NET Core generates a pair of correlated tokens: one stored in a cookie and one embedded in the form. On POST, both must be present and valid. This ensures that state-changing requests originate from the legitimate site and user, not from a malicious third-party page.

Bookmark Add to Set Notes

Want to bookmark, take notes, or join discussions?

Sign in to access all features and personalize your learning experience.

Sign In Create Account

Source: SugharaIQ

Related Questions in .NET Core

(10 questions)
What is inheritance?
What is ASP.NET Core and why was it created?
Explain the ASP.NET Core hosting model (Host Builder + Kestrel + Startup flow).
What is Kestrel and why does ASP.NET Core use it?
Explain Middleware and the purpose of the ASP.NET Core Request Pipeline.
Why does the order of middleware matter so much?
What is Dependency Injection in ASP.NET Core and why is it built-in?
Explain the three DI lifetimes (Transient, Scoped, Singleton).
What is Configuration in ASP.NET Core and how does it work?
What is the purpose of IOptions, IOptionsSnapshot, and IOptionsMonitor?
View All .NET Core Questions
Ready to level up? Start Practice