{"id":268,"date":"2021-04-15T21:55:15","date_gmt":"2021-04-15T12:55:15","guid":{"rendered":"https:\/\/mvc.auctionpro.co.kr\/?page_id=268"},"modified":"2021-04-15T21:55:15","modified_gmt":"2021-04-15T12:55:15","slug":"mvcs-anti-forgery","status":"publish","type":"page","link":"https:\/\/mvc.auctionpro.co.kr\/?page_id=268","title":{"rendered":"MVC&#8217;s anti-forgery"},"content":{"rendered":"<p>\uc704\uc870 \ubc29\uc9c0<\/p>\n<p>MVC&#8217;s anti-forgery support writes a unique value to an HTTP-only cookie and then the same value is written to the form. When the page is submitted, an error is raised if the cookie value doesn&#8217;t match the form value.<\/p>\n<p>It&#8217;s important to note that the feature prevents cross site request forgeries. That is, a form from another site that posts to your site in an attempt to submit hidden content using an authenticated user&#8217;s credentials. The attack involves tricking the logged in user into submitting a form, or by simply programmatically triggering a form when the page loads.<\/p>\n<p>The feature doesn&#8217;t prevent any other type of data forgery or tampering based attacks.<\/p>\n<p>To use it, decorate the action method or controller with the ValidateAntiForgeryToken attribute and place a call to @Html.AntiForgeryToken() in the forms posting to the method.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\uc704\uc870 \ubc29\uc9c0 MVC&#8217;s anti-forgery support writes a unique value to an HTTP-only cookie and then the same value is written to the form. When the page is submitted, an error is raised if the cookie value doesn&#8217;t match the form value. It&#8217;s important to note that the feature prevents cross site request forgeries. That is,\u2026 <span class=\"read-more\"><a href=\"https:\/\/mvc.auctionpro.co.kr\/?page_id=268\">Read More &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-268","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=\/wp\/v2\/pages\/268","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=268"}],"version-history":[{"count":1,"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=\/wp\/v2\/pages\/268\/revisions"}],"predecessor-version":[{"id":269,"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=\/wp\/v2\/pages\/268\/revisions\/269"}],"wp:attachment":[{"href":"https:\/\/mvc.auctionpro.co.kr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=268"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}