All posts for the month April, 2014

CSRF in MVC asp.net

Sometime 140 characters is not enough to explain your point. Recently on twitter Troy Hunt [someone you should be following] said the following in response to my claim that asp.net mvc did not offer out of the box protection from CSRF. @jmaxxz classic ASP (which this article refers to) has no anti forgery token paradigm, […]