Preventing cross-site request forgery (CSRF) attacks in ASP.NET Web Forms

You could try the following. In the Web-Form add:

<%= System.Web.Helpers.AntiForgery.GetHtml() %>

This will add a hidden field and a cookie. So if you fill out some form data and post it back to the server, you need a simple check:

// At the top of the code-behind file:
using System;
using System.Web.Helpers; // AntiForgery

protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
        AntiForgery.Validate(); // throws an exception if the anti-XSRF check fails
}

AntiForgery.Validate(); throws an exception if the anti-XSRF check fails.
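One way to apply the check above to every page instead of repeating it in each Page_Load, as an added example that is not part of the original answer: the class name AntiForgeryPage is hypothetical, and checking the HTTP method instead of IsPostBack is a choice made in this example. It assumes System.Web.WebPages.dll is referenced, which is where AntiForgery and HttpAntiForgeryException live.

```csharp
using System;
using System.Web;
using System.Web.Helpers; // AntiForgery
using System.Web.Mvc;     // HttpAntiForgeryException is declared in this namespace
using System.Web.UI;

// Hypothetical base class: code-behind classes inherit from this
// instead of System.Web.UI.Page, so no page can forget the check.
public abstract class AntiForgeryPage : Page
{
    protected override void OnInit(EventArgs e)
    {
        base.OnInit(e);

        // Validate every POST, not only requests Web Forms classifies as a
        // postback. IsPostBack is false when the request carries no postback
        // fields such as __VIEWSTATE, and Page_Load code that reads
        // Request.Form directly would then run unchecked.
        bool isPost = string.Equals(Request.HttpMethod, "POST",
                                    StringComparison.OrdinalIgnoreCase);
        if (!isPost)
            return;

        try
        {
            // Compares the anti-forgery cookie with the hidden form field
            // emitted by AntiForgery.GetHtml() in the .aspx markup.
            AntiForgery.Validate();
        }
        catch (HttpAntiForgeryException ex)
        {
            // Rethrow as a 400 so the page lifecycle stops here and no
            // control event handler (button click, etc.) runs.
            // Response.End or CompleteRequest alone would not carry the
            // status through the normal error-handling path.
            throw new HttpException(400, "Anti-forgery validation failed.", ex);
        }
    }
}
```

Running the check in OnInit places it before Load and before control events fire, and the resulting HttpException still passes through Application_Error, where failed validations can be logged.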
