antiforgerytoken Questions
5
I have an app built using .NET8 Blazor with InteractiveServerRenderMode.
App.razor is configured like in Template you get when you create Blazor Server App with Global Interactivity and Identity.
I...
Bespread asked 4/3 at 17:45
7
My ASP.Net Core MVC application have added Antiforgery middleware like below:
startup.cs
services.AddMvc();
services.AddSession();
services.AddCaching();
services.AddSession(o =>
{
o.IdleTimeou...
Lowbrow asked 8/2, 2017 at 1:18
3
We have a page with several forms. Each has its own @Html.AntiForgeryToken(). On my local machine everything is great.
We deployed to Azure (PAAS), but the __RequestVerificationToken is not being ...
Dalury asked 11/10, 2017 at 8:34
2
Solved
I have deployed an asp.net core app on some load balanced linux servers. I getting an error when POSTing a form to a route due to a failing ValidateAntiForgeryToken attribute (if a POST does not go...
Verb asked 9/5, 2017 at 3:35
10
Solved
My website is raising this exception around 20 times a day, usually the form works fine but there are instances where this issue occur and I don't know why is so random.
This is logged exception b...
Coastal asked 23/10, 2015 at 16:4
21
Solved
I have implemented in my app the mitigation to CSRF attacks following the informations that I have read on some blog post around the internet. In particular these post have been the driver of my im...
Theona asked 2/11, 2010 at 0:39
11
Solved
I have a form post that consistently gives me an anti-forgery token error.
Here is my form:
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
@Html.EditorFor(m => m.Email)
@Html.EditorFor(...
Sanburn asked 24/4, 2011 at 0:0
3
How can i use an Antiforgery Token in ASP.NET Core 6 Web API with an extern consumer like a iOS or Android App? I don't need user authentication for the requests. The app is hosted on another domai...
Morita asked 2/1, 2022 at 20:32
6
Solved
We have some existing MVC web services that are called AJAX style from web pages. These services make use of the ValidateAntiForgeryToken attribute to help prevent request forgeries.
We are lookin...
Humid asked 13/7, 2012 at 19:11
4
I am trying to avoid "AntiForgery" checking as it always fails when hosted from the 3rd party server. I am using ASP.NET Core 2.0 MVC application.
I added this option in the ConfigureServices func...
Grandaunt asked 21/5, 2018 at 5:3
3
Solved
The former HtmlHelper.AntiForgeryToken method which allows one to override the string path is deprecated.
[ObsoleteAttribute("This method is deprecated. Use the AntiForgeryToken() method instead. ...
Blondie asked 12/11, 2015 at 18:56
4
Solved
I'm using IdentityServer4 with ASP.NET Core 2.2. On the Post Login method I have applied the ValidateAntiForgeryToken. Generally after 20 minutes to 2 hours of sitting on the login page and then at...
Insecticide asked 24/5, 2019 at 14:52
2
Solved
I'm trying to embed a simple web app that will POST user input that is running asp.net Core 2.0 into an iframe. The problem I am having is that while embedded, the request headers that are being ge...
Kirwan asked 5/10, 2018 at 15:40
5
Solved
Here is the scenario:
I have a login page, when user sign it it is redirected to home application page. Then user is using browser back button, and now he is on login page. He tries to login again...
Cunningham asked 19/10, 2012 at 5:30
2
Solved
I want to protect our login actions by AntiforgeryToken attribute - I know why the exception from the topic occurs, however I can't seem to find any good solution for it.
Let say we have the follo...
Avila asked 18/9, 2015 at 13:19
3
DEFAULT PROJECT IN VS 2017
I have created a new Asp.net Core web application in vs 2017 community and published it on a FTP hosting, but when I submit a form (login or user creation) I get this err...
Hereditable asked 17/6, 2017 at 8:11
3
Solved
In regards to this Haacked blog, I'm hesitant to implement the proposed anti-JSON GET hijacking solutions since
The recommended solutions to mitigating JSON hijacking involve non-REST-full JSON ...
Dr asked 6/2, 2011 at 17:44
3
Solved
Normally you use ValidateAntiForgeryToken with HttpPost, like this:
[HttpPost]
[ValidateAntiForgeryToken]
public IActionResult ...
I want to use ValidateAntiForgeryToken without HttpPost so that...
Muddleheaded asked 1/11, 2019 at 19:10
2
Solved
I am working on Angular 6 application with SSO login and .net core web API. The code hits the back end on /token url first time which is a post operation. How do I do the anti forgery in this scena...
Angloindian asked 31/10, 2018 at 15:4
1
Solved
I am getting the error in my log. I spent most of my day finding the solution but could not find the one which meets my requirement.
Here is the log error
severity=[ERROR], ipaddress=xxxx,
subproc...
Weimaraner asked 17/8, 2020 at 3:17
2
Solved
I've an ASP.NET core 2.2 MVC app which exposes a Login page with a basic form (username/password). The controller action is protected by the AntiForgeryTokenAttribute, and the hidden __RequestVerif...
Airel asked 24/10, 2019 at 14:30
1
I have an antirforgery token(@Html.AntiForgeryToken()) on a cshtml page, which generates a cookie
RequestVerificationToken_Lw. The attribute values on this cookie are HTTP and Secure. But I need th...
Penman asked 17/6, 2019 at 15:46
2
Solved
I am developing an ASP.NET Core 3.1 application. I am not using any kind of authentication, session data/logic and form elements. I see the .AspNetCore.Antiforgery cookie in my in my developer cons...
Alduino asked 1/1, 2020 at 19:24
1
Solved
I'd like to implement a filter that skips validation of an antiforgery token when an auth token authentication (Bearer) is used.
In the ASP.NET Core 2.2 the ValidateAntiforgeryTokenAuthorizationFi...
Walsingham asked 31/12, 2019 at 15:47
2
Solved
The steps:
The login page is opened in two different tabs.
User A logs from Tab 1 (No issues)
Without refreshing the tab 2, user B tries to log in.
Redirects to 400 page.
(Exception: Microsoft...
Bushire asked 11/10, 2018 at 12:45
1 Next >
© 2022 - 2024 — McMap. All rights reserved.