如何通过AntiForgeryToken在MVC [英] How to pass through the AntiForgeryToken in MVC

问题描述

如何通过AntiForgeryToken传递到另一个动作？下面就当然不工作：

How to pass through the AntiForgeryToken to another action? The following does of course not work:

[ValidateAntiForgeryToken]
public ActionResult CheckSelection(string[] SelectedIds, int SessionId)
{
    ...
    if (SomeCondition)
    {
        return RedirectToAction("Finish", "Session", new { SessionId = SessionId,
              __RequestVerificationToken = Request.Params["__RequestVerificationToken"] });
    }
    ....
}

感谢您的帮助！

推荐答案

这是不可能的。该防伪标记是基于双方的HTTP Cookie和表单中的一个隐藏的价值;做一个动作时重定向，这种形式的价值会丢失，因此防伪标记不能验证。

That is not possible. The anti-forgery token is based on both an Http Cookie and a hidden value in your Form; when doing an Action Redirect, that form value is lost and therefore the anti-forgery token cannot be validated.

您将需要拿出不需要操作重定向设计...

You will need to come up with a design that does not need action redirect...

这篇关于如何通过AntiForgeryToken在MVC的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！