Automatically Validate Antiforgery Tokens in ASP.NET Core MVC

Protect your POST endpoints from Cross-Site Resource Forgery (CSRF)

ebeeraheem

View Profile
132 views
Jul 08, 2025
security csrf asp.net core mvc

Manually add the [ValidateAntiForgeryToken] attribute to all POST endpoints to protect against CSRF

Or you can simply

builder.Services.AddControllersWithViews(options =>
{
   options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()); // CSRF protection
});

Done. No need to remember to decorate all your POST action methods with the attribute.

More by ebeeraheem

Generate Cryptographically Secure OTP Codes

7 Nov 28

Add a Global Query Filter to all Domain Entities in .NET

128 Oct 26

JavaScript Date Utility Function

54 Oct 09

Related Snippets

Validate that One of Two Properties is Provided

by ebeeraheem 106