防伪例外:需要的防伪标记不提供或无效 [英] AntiForgery Exception: A required anti-forgery token was not supplied or was invalid
问题描述
我有一个MVC2应用程序。我想实现AntiForgeryToken帮手prevent CSRF攻击。
I have an MVC2 application. I am trying to implement AntiForgeryToken helper to prevent CSRF attacks.
我实现这个使用史蒂夫·桑德森的博客:<一href=\"http://blog.stevensanderson.com/2008/09/01/$p$pvent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/\" rel=\"nofollow\">http://blog.stevensanderson.com/2008/09/01/$p$pvent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/
I am implementing this using Steve Sanderson's blog: http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/
当我在一个新的MVC2项目它的工作原理实现这一点。但是,同样的code,当我把它放在我的实际应用中,它总是抛出此异常:
一个必需的防伪标记不提供或无效。
When I implement this in a NEW MVC2 project it works. But the same code when I put it in my REAL application, it ALWAYS throws this exception: A required anti-forgery token was not supplied or was invalid.
下面是我的控制器code:
Here is my Controller code:
[ValidateAntiForgeryToken]
public ActionResult SubmitUpdate()
{
// Something goes here
return View();
}
code在View:
Code in View:
<% using (Html.BeginForm("SubmitUpdate", "Test"))
{%>
<%= Html.AntiForgeryToken() %>
<input type="submit" value="Submit" />
<% } %>
有,除了真正的应用程序使用ADFS进行autentication在两个应用程序没有区别。我在想什么?任何帮助将是非常美联社preciated。谢谢!
There is no difference in the two apps except that the real application uses ADFS for autentication. What am I missing? Any help will be highly appreciated. Thanks!
推荐答案
您是否尝试过删除Cookie,然后再次尝试?
Have you tried deleting your cookies and trying again?
这篇关于防伪例外:需要的防伪标记不提供或无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!