Update global application example of AutoValidateAntiForgeryTokenAttribute (dotnet#17045)

martinmladenov · Rick-Anderson · web-flow · commit 31a7548c20d5 · 2020-02-19T09:54:02.000-08:00
* Update AutoValidateAntiForgeryToken example

* Update anti-request-forgery.md

Co-authored-by: Rick Anderson &lt;3605364+Rick-Anderson@users.noreply.github.com&gt;
diff --git a/aspnetcore/security/anti-request-forgery.md b/aspnetcore/security/anti-request-forgery.md
@@ -328,11 +328,22 @@ public class ManageController : Controller
 
 Global example:
 
+::: moniker range="< aspnetcore-3.0"
+
+services.AddMvc(options =>
+    options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));
+
+::: moniker-end
+
+::: moniker range=">= aspnetcore-3.0"
+
 ```csharp
-services.AddMvc(options => 
+services.AddControllersWithViews(options =>
     options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()));
 ```
 
+::: moniker-end
+
 ### Override global or controller antiforgery attributes
 
 The [IgnoreAntiforgeryToken](/dotnet/api/microsoft.aspnetcore.mvc.ignoreantiforgerytokenattribute) filter is used to eliminate the need for an antiforgery token for a given action (or controller). When applied, this filter overrides `ValidateAntiForgeryToken` and `AutoValidateAntiforgeryToken` filters specified at a higher level (globally or on a controller).
