What is the RequestVerificationToken that I see in my request Cookie on my webpage in ASP .Net MVC?

Hi:

I'm relatively new to figuring out the messaging and hand shaking that takes place between by client (web page) and the back end in an ASP .Net MVC based application.
These might seem like simple or off base questions.

I have 3 questions:

1) I'm examining some of the network requests between my page and back end and I'm looking at the connect$transport. Is this something that's initiated from my page or received by it?

2) Examining that request in detail, I see a number of request Cookies:
    - ASP.Net_SessionId
    - xxxAuth   (which is generated by our application)
    - __RequestVerificationToken_LOVDSQ2

  Do I have access to any of these from client side scripting (javascript/jquery)?
  If so how do I do that?

3) Exactly what is the __RequestVerification_Token?
    In looking at my webpage, I notice that there's a hidden input value where this value
    has been stuffed in.

Thanks,
JohnB
LVL 1
jxbmaSoftware ConsultantAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
SammyConnect With a Mentor Commented:
__RequestVerification_Token is  is an anti forgery token (prevent CSRF attack). It guarantees that the poster is the one who gets the form.

if its a cookie, you can ready it on the client. juqery have a cookie plugin you can use
here is a demo here
http://www.programming-free.com/2013/01/setting-and-getting-cookies-using.html#.UeU-z9Iwcms

I have never heard of connect$transport, it looks like this being created by whatever tool you are using to monitor traffic.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.