The AntiForgeryToken is designed to limit exposure to XSRF attacks. The particular scenario here is that you want to verify the authenticity of the form itself and that you want to hide the information from attackers. This is SSL's territory.
Hmmmm...true. Just our mate did not sound like he's keen for SSL, so I went digging stuff out the wrong section in the back of my rusted memory.
Thanks for correcting me!
“Programmers are in a race with the Universe to create bigger and better idiot-proof programs, while the Universe is trying to create bigger and better idiots. So far the Universe is winning.”
(Rich Cook)
lenocin
Member
206 Points
148 Posts
Re: How Can I Create A secure Form URL?
Jan 14, 2010 04:41 AM|LINK
Hmmmm...true. Just our mate did not sound like he's keen for SSL, so I went digging stuff out the wrong section in the back of my rusted memory.
Thanks for correcting me!
(Rich Cook)