Last post Jun 26, 2018 04:07 PM by KathyW
Jun 05, 2018 09:36 PM|muhammadazeemazam|LINK
1) I have been exposed to CSRF attack.
the code for .net --> gride view is , Not sure what I am missing
Jun 05, 2018 10:06 PM|KathyW|LINK
See the discussion at
If you create a new webforms application project in Visual Studio 2017 (and I think earlier versions to at least 2013), the Site.Master and Site.Master.cs files have CSRF protection baked in. You can look at that code and add it to your site master page,
or if you don't use a master page, to individual pages.
Jun 06, 2018 11:37 AM|Abraham Qian|LINK
From your description, does your project already prevent CSRF? As far as I know, starting with Visual Studio 2012, Microsoft added built-in CSRF protection to new web forms application projects.
We could add CSRF validation token in Master_Page_Init and Master_Page_Preload event handler. In order to ensure that all pages are protected, make sure that all pages use the masterpage.
The following link will be useful to you.
If it still has same issue, please feel free to let me know.
Jun 26, 2018 02:08 PM|muhammadazeemazam|LINK
1) The issue is I don't have the Master Page on my Application.
2) I will have to implement it on individual pages.
3) VS 2012 does provide CSRF code on Master Page, but in my case I don't have master page.
4) My Project doesn't Prevent CSRF.
5) Should I copy the SCRF Code from Site Master Page to all individual Pages? as Kathy Suggested above? Which doesn't make sense to me. I could be wrong as well...
Jun 26, 2018 04:07 PM|KathyW|LINK
If you don't have a master page, yes copy the code to all of your pages that could be subject to an attack. (I'm not sure why you thought that didn't make sense. Using a master page copies that code to all the pages … same result.)