Introduction to Cross-Site Scripting and the AntiForgeryToken

Watch the first few minutes on us! If you'd like to watch the entire video and hundreds more like it, download code samples, access offline videos and skills assessments, and use the discussion forums, log in or purchase a subscription.


Bob Tabor


Bob explains how Cross-Site Request Forgery (CSRF) works and what measures (and their limitations) that the MVC Framework takes to protect developers and users from malicious hackers who attempt this form of Cross-Site Scripting (XSS). We learn about the AntiForgeryToken (RequestVerificationToken), the ValidateAntiForgeryToken attribute, and the AntiForgeryToken method on the HTML helper class.

Table of Contents

{{toc.Position}} {{toc.Text}}

Related Links

  • {{link.LinkText}} (requires a paid subscription)


This course is part of the following series: