How should you complete the relevant code?

70-486 0 Comments

HOTSPOT

You develop an ASP.NET MVC application. The application includes a feature that allows users to reset their passwords. The feature is enabled by a ForgotPassword controller method and a corresponding Razor view.

You need to prevent Cross-Site Request Forgery (CSRF) attacks.

How should you complete the relevant code? To answer, select the appropriate code segment from each list in the answer area.

Answer:

Explanation:

* At the top of the action that we created to handle the posted form, the one with the [HttpPost] attribute added, we’ll add another attribute named [ValidateAntiForgeryToken]. This makes the start of our action now look like the following:

[HttpPost]

[ValidateAntiForgeryToken]

public ActionResult ChangeEmail(ChangeEmailModel model)

{

string username = WebSecurity.CurrentUserName;

*rest of function omitted*

* we must add the unique token to the form to change the user’s email when we display it. Update the form in the ChangeEmail.aspx view under /Account/ChangeForm:

<% using(Html.BeginForm()) { %>

<%: Html.AntiForgeryToken() %>

<%: Html.TextBoxFor(t=>t.NewEmail) %>

<input type="submit" value="Change Email" />

<% } %>

Latest 70-486 Dumps Valid Version with 255 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 70-486 PDF     70-486 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments