From 31a7548c20d5639b26c4fa81edaaf2d1777fc684 Mon Sep 17 00:00:00 2001
From: Martin Mladenov <30376060+martinmladenov@users.noreply.github.com>
Date: Wed, 19 Feb 2020 19:54:02 +0200
Subject: [PATCH] Update global application example of
 AutoValidateAntiForgeryTokenAttribute (#17045)

* Update AutoValidateAntiForgeryToken example

* Update anti-request-forgery.md

Co-authored-by: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>
---
 aspnetcore/security/anti-request-forgery.md | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/aspnetcore/security/anti-request-forgery.md b/aspnetcore/security/anti-request-forgery.md
index 33348125a4..021649ab8e 100644
--- a/aspnetcore/security/anti-request-forgery.md
+++ b/aspnetcore/security/anti-request-forgery.md
@@ -328,11 +328,22 @@ public class ManageController : Controller
 
 Global example:
 
+::: moniker range="< aspnetcore-3.0"
+
+services.AddMvc(options =>
+    options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));
+
+::: moniker-end
+
+::: moniker range=">= aspnetcore-3.0"
+
 ```csharp
-services.AddMvc(options => 
+services.AddControllersWithViews(options =>
     options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));
 ```
 
+::: moniker-end
+
 ### Override global or controller antiforgery attributes
 
 The [IgnoreAntiforgeryToken](/dotnet/api/microsoft.aspnetcore.mvc.ignoreantiforgerytokenattribute) filter is used to eliminate the need for an antiforgery token for a given action (or controller). When applied, this filter overrides `ValidateAntiForgeryToken` and `AutoValidateAntiforgeryToken` filters specified at a higher level (globally or on a controller).