asp.net mvc 防止跨站攻击

View

@using (Html.BeginForm("Contact","Home",FormMethod.Post))
{
    @Html.AntiForgeryToken(); //这里增加验证
    @Html.TextBox("test")
    <input type="submit" value="提交"/>
}

Controller

        [ValidateAntiForgeryToken] //这里增加验证
        public ActionResult Contact()
        {
            ViewBag.msg = Request.Form["test"];
            return View();
        }