ASP.NET MVC 5应用程序中的AntiForgeryToken错误 [英] AntiForgeryToken Error in ASP.NET MVC 5 app

问题描述

我收到此错误-即使在我看来，AntiForgeryToken确实在表单标签内:

I get this error - even though the AntiForgeryToken IS definitely in my view, inside a form tag:

必需的防伪cookie "__RequestVerificationToken_L0NpdTpLaW5nMTZNVkM10"不存在.

The required anti-forgery cookie "__RequestVerificationToken_L0NpdTpLaW5nMTZNVkM10" is not present.

控制器

/// <summary>
/// Delete 
/// </summary>
public ActionResult Delete(int Id)
{
    // Get place from Id
    var poll = PollRepo.Select(Id);

    if (poll == null)
        return HttpNotFound();

    return View(poll);
}

/// <summary>
/// Confirm Delete
/// </summary>
[HttpPost, ActionName("Delete")]
[ValidateAntiForgeryToken]
public ActionResult DeleteConfirmed(int Id)
{
    // Delete poll by Id from db
    PollRepo.Delete(Id);

    // Redirect to index
    TempData["message"] = "Poll Deleted";
    return RedirectToAction("Index");
}

查看

    <dd>
        @Html.DisplayFor(model => model.Abc)
    </dd>

</dl>

@using (Html.BeginForm())
{
    @Html.AntiForgeryToken()

    <div class="form-actions">
        <input type="submit" value="Delete" class="btn btn-default" /> |
        @Html.ActionLink("Back to List", "Index")
    </div>
}

在生成的HTML页面中

<form action="/MyApp/MyCont/MyAct/Delete/7" method="post"><input name="__RequestVerificationToken" type="hidden" value="JYMlRqNTUF6eoagnN6k7GrC1mJLKs1HDU4RCY_5_MEh2sIoJtumYEiM4LQF2BcKrf881xm-zdRU-KwBt381L9vBhuEJRLnMJY8aEgjVvdd41" /> 

当我按下删除按钮时，错误会返回.

When I press the delete button the error is returned.

推荐答案

您看到的错误消息与反伪造 cookie 有关，与令牌无关(您显示的代码将提交令牌)正确地在请求中.)

The error message you see relates to the anti-forgery cookie, not the token (the code you have shown will submit the token correctly in the request).

除了来自恶意用户的攻击或客户端上的某些导致Cookie删除的攻击之外，导致此错误的一个原因是您的web.config.cs文件包含

Other than attacks from a malicious user or something on the client causing the cookie to be deleted, one cause of this error is that your web.config.cs file includes

<httpCookies requireSSL="true" />

但是您的项目未设置为使用SSL.

but you project is not set to use SSL.

这篇关于ASP.NET MVC 5应用程序中的AntiForgeryToken错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！