ASP.NET Core MVC seems to inject a request verification token in all of my forms:
<form class="actions" method="post">
<input type="submit" class="btn btn-primary" value="Yes">
<a class="btn btn-secondary" href="/some/url">No</a>
<input name="__RequestVerificationToken" type="hidden" value="...">
</form>
I'm handling CSRF in Ajax and don't want this extra input
element in all of my forms. Any way to disable it?
The element is added even without a call to AddAntiforgery
in Startup.cs
. I'm running on ASP.NET Core 3.1.
Copyright Notice:Content Author:「ThomasArdal」,Reproduced under the CC 4.0 BY-SA copyright license with a link to the original source and this disclaimer.
Link to original article:https://stackoverflow.com/questions/60447005/disable-request-verification-token-in-asp-net-core