Click here to Skip to main content
15,940,921 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
What are the possible technique which web developers may use to prevent that CSRF attack? What should be include in the html source code? The solution that i would like is to be included when web developer build their web page and not a proxy based solution.

I have found out that most preferable is using nonce and samples are available in php coding but how can it be use in c# ASP.Net?
Posted

 
Share this answer
 
Comments
Member 10032346 20-Jul-13 2:25am    
Is there any other way without using ASP.net MVC and AJAX?
Dholakiya Ankit 20-Jul-13 2:34am    
which way you want to do? your q is about asp.net
Dholakiya Ankit 20-Jul-13 2:39am    
why you have unaccepted ans??
Member 10032346 20-Jul-13 8:43am    
No not really. Is it possible to use custom header to prevent?
Check below link, you will get all the details required and how to patch the issue.

https://www.owasp.org/index.php/Top_10_2013-A8-Cross-Site_Request_Forgery_(CSRF)[^]
 
Share this answer
 
Comments
Member 10032346 20-Jul-13 2:24am    
is there any more detail solution with example if possible

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900