Click or drag to resize

IAntiForgeryAdditionalDataProvider Interface

Allows providing or validating additional custom data for anti-forgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then he could validate the nonce when the token is validated.

Namespace: GSF.Web.Security
Assembly: GSF.Web (in GSF.Web.dll) Version: 2.4.218-beta
Syntax
public interface IAntiForgeryAdditionalDataProvider
View Source

The IAntiForgeryAdditionalDataProvider type exposes the following members.

Methods
 NameDescription
Public methodGetAdditionalData Provides additional data to be stored for the anti-forgery tokens generated during this request.
Public methodValidateAdditionalData Validates additional data that was embedded inside an incoming anti-forgery token.
Top
Remarks
The anti-forgery system already embeds the client's username within the generated tokens. This interface provides and consumes supplemental data. If an incoming anti-forgery token contains supplemental data but no additional data provider is configured, the supplemental data will not be validated.
See Also