AntiforgeryOptions Class

Definition

Namespace:: Microsoft.AspNetCore.Antiforgery

Assembly:: Microsoft.AspNetCore.Antiforgery.dll

Package:: Microsoft.AspNetCore.Antiforgery v1.0.0

Package:: Microsoft.AspNetCore.Antiforgery v1.1.0

Package:: Microsoft.AspNetCore.App.Ref v10.0.0

Package:: Microsoft.AspNetCore.App.Ref v11.0.0-preview.4.26230.115

Package:: Microsoft.AspNetCore.Antiforgery v2.0.0

Package:: Microsoft.AspNetCore.Antiforgery v2.1.0

Package:: Microsoft.AspNetCore.Antiforgery v2.2.0

Package:: Microsoft.AspNetCore.App.Ref v3.0.1

Package:: Microsoft.AspNetCore.App.Ref v3.1.10

Package:: Microsoft.AspNetCore.App.Ref v5.0.0

Package:: Microsoft.AspNetCore.App.Ref v6.0.36

Package:: Microsoft.AspNetCore.App.Ref v7.0.5

Package:: Microsoft.AspNetCore.App.Ref v8.0.19

Package:: Microsoft.AspNetCore.App.Ref v9.0.8

Source:: AntiforgeryOptions.cs

Source:: AntiforgeryOptions.cs

Source:: AntiforgeryOptions.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Provides programmatic configuration for the antiforgery token system.

public ref class AntiforgeryOptions

public class AntiforgeryOptions

type AntiforgeryOptions = class

Public Class AntiforgeryOptions

Inheritance: Object
AntiforgeryOptions

Constructors

Name	Description
AntiforgeryOptions()

Fields

Name	Description
DefaultCookiePrefix	The default cookie prefix, which is ".AspNetCore.Antiforgery.".

Properties

Name	Description
Cookie	Determines the settings used to create the antiforgery cookies.
CookieDomain	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is <seealso cref="P:Microsoft.AspNetCore.Http.CookieBuilder.Domain"></seealso> on Cookie. The domain set on the cookie. By default its `null` which results in the "domain" attribute not being set.
CookieName	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is <seealso cref="P:Microsoft.AspNetCore.Http.CookieBuilder.Name"></seealso> on Cookie. Specifies the name of the cookie that is used by the antiforgery system.
CookiePath	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is <seealso cref="P:Microsoft.AspNetCore.Http.CookieBuilder.Path"></seealso> on Cookie. The path set on the cookie. If set to `null`, the "path" attribute on the cookie is set to the current request's PathBase value. If the value of PathBase is `null` or empty, then the "path" attribute is set to the value of Path.
FormFieldName	Specifies the name of the antiforgery token field that is used by the antiforgery system.
HeaderName	Specifies the name of the header value that is used by the antiforgery system. If `null` then antiforgery validation will only consider form data.
RequireSsl	Obsolete. This property is obsolete and will be removed in a future version. The recommended alternative is to set <seealso cref="P:Microsoft.AspNetCore.Http.CookieBuilder.SecurePolicy"></seealso> on Cookie. `true` is equivalent to Always. `false` is equivalent to None. Specifies whether SSL is required for the antiforgery system to operate. If this setting is 'true' and a non-SSL request comes into the system, all antiforgery APIs will fail.
SuppressReadingTokenFromFormBody	Specifies whether to suppress load of antiforgery token from request body.
SuppressXFrameOptionsHeader	Specifies whether to suppress the generation of X-Frame-Options header which is used to prevent ClickJacking. By default, the X-Frame-Options header is generated with the value SAMEORIGIN. If this setting is 'true', the X-Frame-Options header will not be generated for the response.

Applies to

Feedback

Was this page helpful?

URL: https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.antiforgery.antiforgeryoptions?view=aspnetcore-10.0