问题
I get this error - even though the AntiForgeryToken IS definitely in my view, inside a form tag:
The required anti-forgery cookie "__RequestVerificationToken_L0NpdTpLaW5nMTZNVkM10" is not present.
Controller
/// <summary>
/// Delete
/// </summary>
public ActionResult Delete(int Id)
{
// Get place from Id
var poll = PollRepo.Select(Id);
if (poll == null)
return HttpNotFound();
return View(poll);
}
/// <summary>
/// Confirm Delete
/// </summary>
[HttpPost, ActionName("Delete")]
[ValidateAntiForgeryToken]
public ActionResult DeleteConfirmed(int Id)
{
// Delete poll by Id from db
PollRepo.Delete(Id);
// Redirect to index
TempData["message"] = "Poll Deleted";
return RedirectToAction("Index");
}
View
<dd>
@Html.DisplayFor(model => model.Abc)
</dd>
</dl>
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
<div class="form-actions">
<input type="submit" value="Delete" class="btn btn-default" /> |
@Html.ActionLink("Back to List", "Index")
</div>
}
In generated HTML page
<form action="/MyApp/MyCont/MyAct/Delete/7" method="post"><input name="__RequestVerificationToken" type="hidden" value="JYMlRqNTUF6eoagnN6k7GrC1mJLKs1HDU4RCY_5_MEh2sIoJtumYEiM4LQF2BcKrf881xm-zdRU-KwBt381L9vBhuEJRLnMJY8aEgjVvdd41" />
When I press the delete button the error is returned.
回答1:
The error message you see relates to the anti-forgery cookie, not the token (the code you have shown will submit the token correctly in the request).
Other than attacks from a malicious user or something on the client causing the cookie to be deleted, one cause of this error is that your web.config.cs file includes
<httpCookies requireSSL="true" />
but you project is not set to use SSL.
来源:https://stackoverflow.com/questions/40054447/antiforgerytoken-error-in-asp-net-mvc-5-app