 | HelpersHtmlAntiForgeryToken Method |
Generates a hidden form field (anti-forgery token) that is validated when the form is submitted.
Namespace: HandlebarsDotNet.Mvc
Assembly: HandlebarsDotNet.Mvc (in HandlebarsDotNet.Mvc.dll) Version: 1.0.0-beta
Syntaxpublic static void HtmlAntiForgeryToken( TextWriter writer, Object context, params Object[] arguments )
Parameters
- writer
- Type: System.IOTextWriter
The TextWriter provided by HandlebarsDotNet - context
- Type: SystemObject
The context (model) provided by HandlebarsDotNet - arguments
- Type: SystemObject
The arguments from the view, provided by HandlebarsDotNet
Remarks
This helper is among the ones registered if RegisterMvcHelpers is called. If so, it is registered as html_antiforgerytoken but you can choose your own name for this:
It works like https://msdn.microsoft.com/en-us/library/system.web.mvc.htmlhelper.antiforgerytoken.aspx.
C#
var hbsve = new HandlebarsViewEngine(); hbsve.RegisterHelper("html_antiforgerytoken", HandlebarsDotNet.Mvc.Helpers.HtmlAntiForgeryToken);
Usage
{{html_antiforgerytoken}}Arguments
(none)Description
The anti-forgery token can be used to help protect your application against cross-site request forgery. To use this feature, render the anti-forgery token within a form and add the ValidateAntiForgeryTokenAttribute attribute to the action method that you want to protect. For information about cross-site request forgery (CSRF) see https://docs.microsoft.com/en-us/aspnet/mvc/overview/security/xsrfcsrf-prevention-in-aspnet-mvc-and-web-pages. The output is rendered with HandlebarsDotNet's WriteSafeString() meaning that using the triple-mustache is not needed.Examples
This example assumes this helper has been registered as "html_antiforgerytoken".
view.hbs
{{html_antiforgerytoken}}Renders
<input name="__RequestVerificationToken" type="hidden" value="UzCEoDwZ...(quite a long string)" />
See Also