MVC ValidateAntiForgeryToken multi-tabs problem

前端 未结 3 804
再見小時候
再見小時候 2021-02-10 05:56

We\'d been getting \"A required anti-forgery token was not supplied or was invalid.\" errors, and on some further investigation, I\'ve managed to recreate the problem in its sim

3条回答
  •  栀梦
    栀梦 (楼主)
    2021-02-10 06:27

    You could use the same salt:

    <% using(Html.BeginForm("SignIn", "Home", FormMethod.Post)) {%>
        <%= Html.AntiForgeryToken("123")%>
        
    <%}%>
    
    <% using(Html.BeginForm("Protected", "Home", FormMethod.Post)) {%>
        <%= Html.AntiForgeryToken("456")%>
        
    <%}%>
    

    And in your controller:

    [ValidateAntiForgeryToken(Salt = "123")]
    public ActionResult SignIn()
    {
        ViewData["status"] = "Signed In!";
        FormsAuthentication.SetAuthCookie("username", false);
        return View("Index");
    }
    
    [Authorize]
    [ValidateAntiForgeryToken(Salt = "456")]
    public ActionResult Protected()
    {
        ViewData["status"] = "Authed";
        return View("Index");
    }
    

    Do the same with the other token but make sure to pick a different salt.

提交回复
热议问题