代码:
//配置所有POST请求都加入 ValidateAntiforgeryToken 验证 services.AddAntiforgery(options => { options.FormFieldName = "AntiforgeryFieldName"; options.HeaderName = "X-CSRF-TOKEN-HEADERNAME"; options.SuppressXFrameOptionsHeader = false; }); services.AddMvc(options => { options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()); });