Reputation: 21
Antiforgery token issue in Internet Explorer
I have my ASP.NET MVC5 application which is hosted on IIS and recently I have changed its authentication to "Anonymous" from "Windows" since we wanted to have AAD token for some API call.
We are seeing issues. Whenever the application is opened from Internet Explorer there are exceptions:
The required anti-forgery form field "__RequestVerificationToken" is not present.
We added the Authorize attribute in the action methods and added @Html.AntiForgeryToken() in the .cshtml file.
The same application runs fine in Microsoft Edge and in Chrome.
The application should work in IE as well as its working on Edge and Chrome
Upvotes: 2
Views: 1142
Answers (1)
Reputation: 145
Since it works fine in Chrome, FireFox and Edge, this issue isn't be caused by code. It must be related to some settings in IE.
The way the anti forgery helper
@Html.AntiForgeryToken()
works is by injecting a hidden form field named __RequestVerificationToken into the page AND it also sets a cookie into the browser. When the form is posted back the two are compared and if they don't match or the cookie is missing then the error is thrown.
Please check the Cookie Settings of Opera, make sure Opera accept the cookie that @Html.AntiForgeryToken() sets.
About how to enable Cookie in IE: https://www.whatismybrowser.com/guides/how-to-enable-cookies/internet-explorer
May be this will help you.
Upvotes: 1
Related Questions
- Troubleshooting anti-forgery token problems
- How to disable the antiforgery token check in ASP.NET MVC Core 2
- The anti-forgery token Error
- Correct usage of AntiForgery token in ASP.NET 5 in SPA application?
- anti-forgery token error
- Trouble with antiforgery token using owin
- ASP.NET MVC 3 web site anti-forgery token fails only on IE
- AntiForgery Exception: A required anti-forgery token was not supplied or was invalid
- MVC3 AntiForgeryToken Issue
- ASP.MVC antiforgery token and cryptographic errors