I am implementing AntiForgery into a WebApplication. Whilst I know this works server side using the AntiForgery Library by adding a hidden element and then validating it on a master page event, we have hundreds of ASPX Page webMethods to consider when it comes to client side implementation with jQuery or reactJs.
Is there a way of creating a filter to tag onto webMethods that does an AntiForgery check?
1 Like
Hello @sai_chinnu
To add anti forgery checks for several aspx Page web methods, you can develop a custom action filter to perform the anti forgery token validation properly. This filter can be implemented to your web methods to ensure that each request contains a valid token. Include the anti forgery token in the ajax request headers when using jquery and reactjs. Organizing this logic eliminates the need to individually implement token validation to each web method; improving security throughout your application.