antiforgerytoken

问题 I have two .Net Core applications, a Web API and Client. Sending Post from the client using : <form asp-action="Create" method="post"> @Html.AntiForgeryToken() ..... </form> Client controller: public async Task<IActionResult> Create([Bind("QuestionId,TheQuestion")] SecurityQuestion securityQuestion) { _session.SetString(SessionsKeys.Directory, "/SecurityQuestions"); if (ModelState.IsValid) { var data = await _theService.PostWebApi(securityQuestion); if (data.Item3 == "True") { return

问题 I am getting the error in my log. I spent most of my day finding the solution but could not find the one which meets my requirement. Here is the log error severity=[ERROR], ipaddress=xxxx, subprocess=Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery, description=An exception was thrown while deserializing the token. Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException:

问题 I am trying to do a web test in VS2012 for an MVC site. One of the scenarios is to login and go through a list of products, select the one you want and follow through to the purchase page. Problem is that when the web test is run, I get an error about the anti forgery token and that it does not match. How on earth is it possible to do the testing with the anti forgery token? The user must login - there will be thousands of users for the load test (eventually) but need to make it work for 1

问题 My ASP.Net Core MVC application have added Antiforgery middleware like below: startup.cs services.AddMvc(); services.AddSession(); services.AddCaching(); services.AddSession(o => { o.IdleTimeout = TimeSpan.FromMinutes(120); }); services.AddAntiforgery(); I've added below in the view and controller View: <form action="/Home/Login" method="post" id="staff-login" autocomplete="off"> @Html.AntiForgeryToken() ...... Controller [HttpPost, ValidateAntiForgeryToken] public IActionResult Login

问题 My ASP.Net Core MVC application have added Antiforgery middleware like below: startup.cs services.AddMvc(); services.AddSession(); services.AddCaching(); services.AddSession(o => { o.IdleTimeout = TimeSpan.FromMinutes(120); }); services.AddAntiforgery(); I've added below in the view and controller View: <form action="/Home/Login" method="post" id="staff-login" autocomplete="off"> @Html.AntiForgeryToken() ...... Controller [HttpPost, ValidateAntiForgeryToken] public IActionResult Login

问题 I have been trying to recreate an Ajax version of the ValidateAntiForgeryToken - there are many blog posts on how to do this for previous versions of MVC, but with the latest MVC 6, none of the code is relevant. The core principle that I am going after, though, is to have the validation look at the Cookie and the Header for the __RequestVerificationToken , instead of comparing the Cookie to a form value. I am using MVC 6.0.0-rc1-final, dnx451 framework, and all of the Microsoft.Extensions

问题 I have been trying to recreate an Ajax version of the ValidateAntiForgeryToken - there are many blog posts on how to do this for previous versions of MVC, but with the latest MVC 6, none of the code is relevant. The core principle that I am going after, though, is to have the validation look at the Cookie and the Header for the __RequestVerificationToken , instead of comparing the Cookie to a form value. I am using MVC 6.0.0-rc1-final, dnx451 framework, and all of the Microsoft.Extensions

问题 I have been trying to recreate an Ajax version of the ValidateAntiForgeryToken - there are many blog posts on how to do this for previous versions of MVC, but with the latest MVC 6, none of the code is relevant. The core principle that I am going after, though, is to have the validation look at the Cookie and the Header for the __RequestVerificationToken , instead of comparing the Cookie to a form value. I am using MVC 6.0.0-rc1-final, dnx451 framework, and all of the Microsoft.Extensions

问题 I have searched a lot but i don't find how to implement the AutoValidateAntiforgeryToken. I'm creating an Angular 6 spa with TypeScript, connecting to an endpoint .NET Core 2.1 In ConfigureServices added services.AddAntiforgery(options => options.HeaderName = "X-XSRF-TOKEN"); before AddMvc() added in Configure app.Use(next => context => { string path = context.Request.Path.Value; if (string.Equals(path, "/", StringComparison.OrdinalIgnoreCase) || string.Equals(path, "/index.html",

问题 I have searched a lot but i don't find how to implement the AutoValidateAntiforgeryToken. I'm creating an Angular 6 spa with TypeScript, connecting to an endpoint .NET Core 2.1 In ConfigureServices added services.AddAntiforgery(options => options.HeaderName = "X-XSRF-TOKEN"); before AddMvc() added in Configure app.Use(next => context => { string path = context.Request.Path.Value; if (string.Equals(path, "/", StringComparison.OrdinalIgnoreCase) || string.Equals(path, "/index.html",