What is the RequestVerificationToken that I see in my request Cookie on my webpage in ASP .Net MVC?
Hi:
I'm relatively new to figuring out the messaging and hand shaking that takes place between by client (web page) and the back end in an ASP .Net MVC based application.
These might seem like simple or off base questions.
I have 3 questions:
1) I'm examining some of the network requests between my page and back end and I'm looking at the connect$transport. Is this something that's initiated from my page or received by it?
2) Examining that request in detail, I see a number of request Cookies:
- ASP.Net_SessionId
- xxxAuth (which is generated by our application)
- __RequestVerificationToken
Do I have access to any of these from client side scripting (javascript/jquery)?
If so how do I do that?
3) Exactly what is the __RequestVerification_Toke
In looking at my webpage, I notice that there's a hidden input value where this value
has been stuffed in.
Thanks,
JohnB
I'm relatively new to figuring out the messaging and hand shaking that takes place between by client (web page) and the back end in an ASP .Net MVC based application.
These might seem like simple or off base questions.
I have 3 questions:
1) I'm examining some of the network requests between my page and back end and I'm looking at the connect$transport. Is this something that's initiated from my page or received by it?
2) Examining that request in detail, I see a number of request Cookies:
- ASP.Net_SessionId
- xxxAuth (which is generated by our application)
- __RequestVerificationToken
Do I have access to any of these from client side scripting (javascript/jquery)?
If so how do I do that?
3) Exactly what is the __RequestVerification_Toke
In looking at my webpage, I notice that there's a hidden input value where this value
has been stuffed in.
Thanks,
JohnB
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.