I want to build an application and have urls with no parameters, instead of /Race/2 have only /Race and so on.
I am thinking of using Post-Redirect-Get, every post with [ValidateAntiForgeryToken] . In the post action result i save the parameters in the TempData and i redirect to the view result i want where i am checking TempData.
I think xsrf attacks won’t be a problem.
I do this because i don’t want urls to be ctrl-c ctrl-v.
What do you think?
I want to build an application and have urls with no parameters, instead of
Share
While this will work and make your site safe it will open another problem: SEO. You may forget about thinks like web rank, indexing, etc… from search engines. Your site won’t be indexable. If this is an intranet application and SEO is not a concern for you, then you may go ahead and do it. Or if this is a public internet application and you still don’t care about SEO you may go ahead and do it. And of course if this is only inside the authenticated part of your site then of course SEO is not a concern and you may go ahead and implement it.