IAntiForgeryAdditionalDataProvider Interface

Allows providing or validating additional custom data for anti-forgery tokens. For example, the developer could use this to supply a nonce when the token is generated, then he could validate the nonce when the token is validated.

Namespace: GSF.Web.Security
Assembly: GSF.Web (in GSF.Web.dll) Version: 2.4.257-beta

Syntax

C++

JavaScript

Copy

public interface IAntiForgeryAdditionalDataProvider

Public Interface IAntiForgeryAdditionalDataProvider

public interface class IAntiForgeryAdditionalDataProvider

type IAntiForgeryAdditionalDataProvider = interface end

GSF.Web.Security.IAntiForgeryAdditionalDataProvider = function();
GSF.Web.Security.IAntiForgeryAdditionalDataProvider.createInterface('GSF.Web.Security.IAntiForgeryAdditionalDataProvider');

View Source

The IAntiForgeryAdditionalDataProvider type exposes the following members.

Methods

	Name	Description
	GetAdditionalData	Provides additional data to be stored for the anti-forgery tokens generated during this request.
	ValidateAdditionalData	Validates additional data that was embedded inside an incoming anti-forgery token.

Top

Remarks

The anti-forgery system already embeds the client's username within the generated tokens. This interface provides and consumes supplemental data. If an incoming anti-forgery token contains supplemental data but no additional data provider is configured, the supplemental data will not be validated.

Reference

GSF.Web.Security Namespace