Update anti-request-forgery for multiple tabs

Rick-Anderson · web-flow · commit 74bf1b4717a7 · 2024-12-06T10:25:14.000-10:00
Fixes #25564
diff --git a/aspnetcore/security/anti-request-forgery.md b/aspnetcore/security/anti-request-forgery.md
@@ -159,9 +159,7 @@ Calling <xref:Microsoft.Extensions.DependencyInjection.MvcServiceCollectionExten
 
 ## Multiple browser tabs and the Synchronizer Token Pattern
 
-With the Synchronizer Token Pattern, only the most recently loaded page is guaranteed to contain a valid antiforgery token. Apps that wish to support multiple tabs should test supported browsers and log failures. ***Using multiple tabs can be problematic***. For example, if a user opens multiple tabs, requests made from previously loaded tabs might fail with an error: `Antiforgery token validation failed. The antiforgery cookie token and request token do not match`
- 
- Consider alternative CSRF protection patterns if this poses an issue.
+Multiple tabs with different uses is not supported, including a user and anonymous.
 
 ## Configure antiforgery with `AntiforgeryOptions`
 
