http://www.cnblogs.com/zhyp/p/5556980.html
http://www.asp.net/web-api/overview/security/preventing-cross-site-request-forgery-csrf-attacks
http://www.cnblogs.com/walkerwang/p/3554486.html
http://www.codethinked.com/aspnet-mvc-ajax-csrf-protection-with-jquery-15
http://stackoverflow.com/questions/4074199/jquery-ajax-calls-and-the-html-antiforgerytoken
http://www.cnblogs.com/jiangzhen/p/3870925.html
http://blog.csdn.net/cpytiger/article/details/8781457
http://stackoverflow.com/questions/16815634/reload-antiforgerytoken-after-a-login
http://www.cnblogs.com/icyJ/p/AntiForgeryToken.html
aspx:
http://www.cnblogs.com/eric-qin/p/4991455.html
http://anticsrf.codeplex.com
http://haacked.com/archive/2009/04/02/csrf-webforms.aspx/
http://blog.itpub.net/519536/viewspace-680842
