If we compare .NET Core with .NET as far as the resolution of CSRF attacks is concerned, The ValidateAntiForgeryToken attribute and The AntiForgeryToken HTML helper(@Html.AntiForgeryToken()) are still there in .NET Core. On top of these, there are some more powerful options we have in .NET Core.
source https://www.c-sharpcorner.com/article/secure-net-core-applications-from-csrf-attack-net-core-security-part-two/
No comments:
Post a Comment