Super Hornet
Reputation: 2907
anti-forgery error in my mvc app
I created a simple MVC4 application with below codes:
Controller:
[AllowAnonymous]
[HttpGet]
[ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model)
{
return View();
}
View:
<div>
@using (Html.BeginForm("Login","Administrator",FormMethod.Get))
{
@Html.ValidationSummary(true)
@Html.AntiForgeryToken()
@Html.LabelFor(x=>x.username)
@Html.TextBoxFor(x=>x.username)
@Html.LabelFor(x=>x.password)
@Html.TextBoxFor(x=>x.password)
<input type="submit" value="Submit" />
}
</div>
After running the Application and going to this Address: http://xxx/Administrator/Login
I got this error:
The required anti-forgery cookie "__RequestVerificationToken" is not present.
What is wrong with that?
Upvotes: 2
Views: 710
Answers (1)
Wiktor Zychla
Reputation: 48314
Antiforgery token makes sense on POSTs while your request is a GET request.
You should have a Login method that just displays the login screen (HttpGet) and another method that accepts the posted values (HttpPost).
The one that just displays values should not take the model as the parameter, rather, it should just create an empty model.
Both methods could render the same view.
Upvotes: 3
Related Questions
- Anti-Forgery error on IIS C# MVC embedded
- Anti Forgery validation is not working in MVC 4
- MVC - anti-forgery token error
- Anti forgery system on ASP.Net MVC
- MVC 4 Anti-Forgery Not Found
- ASP.MVC The required anti-forgery form field errors
- A required anti-forgery token was not supplied or was invalid
- MVC3 :a required anti-forgery token was not supplied or was invalid
- Problem with Validate Anti Forgery
- AntiForgery Exception: A required anti-forgery token was not supplied or was invalid