Make a call to SPUtility.ValidateFormDigest() before doing anything esle. This will ensure that the post request is validated (that it is not a cross-site scripting attack) and after that you will not have to worry about AllowUnsafeUpdates as this will be marked as true.
more info
here
No comments:
Post a Comment