Using AntiForgeryTokens in ASP.NET MVC with AngularJS

Protection against CSRF (use of AntiForgery tokens) is supported in both the ASP.NET MVC and AngularJS frameworks. However, they have different implementations. What this means is that the default implementation of ASP.NET MVC for AntiForgery tokens will not work out-of-the box on an AngularJS front-end. In this post we will look at this in more detail and come up with a solution to the problem.

Integrating Custom Validation with ASP.NET MVC ModelState

One common pattern we see in ASP.NET MVC controller actions is a conditional check for ModelState.IsValid, with different branches getting executed based on whether the result is true or false. The ModelState captures errors arising from data annotations such as Required and StringLength. When there are custom validations that cannot be captured using data annotations, what usually happens is that these validations are checked in the success block of ModelState.IsValid. In this post we are going to talk about how to integrate custom validation into ModelState.