You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -41,9 +41,9 @@ The Form Tag Helper above generates the following HTML:
```HTML
<formmethod="post"action="/Demo/Register">
<!-- Input and Submit elements -->
<inputname="__RequestVerificationToken"type="hidden"value="<removed for brevity>" />
</form>
<!-- Input and Submit elements -->
<inputname="__RequestVerificationToken"type="hidden"value="<removed for brevity>" />
</form>
```
The MVC runtime generates the `action` attribute value from the Form Tag Helper attributes `asp-controller` and `asp-action`. The Form Tag Helper also generates a hidden [Request Verification Token](https://docs.microsoft.com/aspnet/mvc/overview/security/xsrfcsrf-prevention-in-aspnet-mvc-and-web-pages) to prevent cross-site request forgery (when used with the `[ValidateAntiForgeryToken]` attribute in the HTTP Post action method). Protecting a pure HTML Form from cross-site request forgery is difficult, the Form Tag Helper provides this service for you.
