HttpReferrer Validation
public class IsPostedFromThisSiteAttribute : AuthorizeAttribute { public override void OnAuthorize(AuthorizationContext filterContext) { if (filterContext.HttpContext != null) { if (filterContext.HttpContext.Request.UrlReferrer == null) throw new System.Web.HttpException(“Invalid submission”); if (filterContext.HttpContext.Request.UrlReferrer.Host !=“mysite.com”) throw new System.Web.HttpException(“This form wasn’t submitted from this site!”); } } }
[IsPostedFromThisSite] public ActionResult Register(…)