IAntiForgeryAdditionalDataProvider Interface

Summary

Allows providing or validating additional custom data for anti-forgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then he could validate the nonce when the token is validated.

Syntax

public interface IAntiForgeryAdditionalDataProvider

GitHub

View on GitHub

interface Microsoft.AspNet.Mvc.IAntiForgeryAdditionalDataProvider

Methods

GetAdditionalData(HttpContext)

Provides additional data to be stored for the anti-forgery tokens generated during this request.

Arguments:
  • context (HttpContext) – Information about the current request.
Return type:

System.String

Returns:

Supplemental data to embed within the anti-forgery token.

string GetAdditionalData(HttpContext context)
ValidateAdditionalData(HttpContext, System.String)

Validates additional data that was embedded inside an incoming anti-forgery token.

Arguments:
  • context (HttpContext) – Information about the current request.
  • additionalData (System.String) – Supplemental data that was embedded within the token.
Return type:

System.Boolean

Returns:

True if the data is valid; false if the data is invalid.

bool ValidateAdditionalData(HttpContext context, string additionalData)