如何通过AntiForgeryToken在MVC

本文介绍了如何通过AntiForgeryToken在MVC的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

如何通过AntiForgeryToken传递到另一个动作？下面就当然不工作：

How to pass through the AntiForgeryToken to another action? The following does of course not work:

[ValidateAntiForgeryToken] public ActionResult CheckSelection(string[] SelectedIds, int SessionId) { ... if (SomeCondition) { return RedirectToAction("Finish", "Session", new { SessionId = SessionId, __RequestVerificationToken = Request.Params["__RequestVerificationToken"] }); } .... }

感谢您的帮助！

推荐答案

这是不可能的。该防伪标记是基于双方的HTTP Cookie和表单中的一个隐藏的价值;做一个动作时重定向，这种形式的价值会丢失，因此防伪标记不能验证。

That is not possible. The anti-forgery token is based on both an Http Cookie and a hidden value in your Form; when doing an Action Redirect, that form value is lost and therefore the anti-forgery token cannot be validated.

您将需要拿出不需要操作重定向设计...

You will need to come up with a design that does not need action redirect...