防伪例外：需要的防伪标记不提供或无效 [英] AntiForgery Exception: A required anti-forgery token was not supplied or was invalid

问题描述

我有一个MVC2应用程序。我想实现AntiForgeryToken帮手prevent CSRF攻击。

I have an MVC2 application. I am trying to implement AntiForgeryToken helper to prevent CSRF attacks.

我实现这个使用史蒂夫·桑德森的博客：<一href=\"http://blog.stevensanderson.com/2008/09/01/$p$pvent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/\" rel=\"nofollow\">http://blog.stevensanderson.com/2008/09/01/$p$pvent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/

I am implementing this using Steve Sanderson's blog: http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/

当我在一个新的MVC2项目它的工作原理实现这一点。但是，同样的code，当我把它放在我的实际应用中，它总是抛出此异常：
一个必需的防伪标记不提供或无效。

When I implement this in a NEW MVC2 project it works. But the same code when I put it in my REAL application, it ALWAYS throws this exception: A required anti-forgery token was not supplied or was invalid.

下面是我的控制器code：

Here is my Controller code:

[ValidateAntiForgeryToken]
public ActionResult SubmitUpdate()
{

    // Something goes here
    return View();
}

code在View：

Code in View:

<% using (Html.BeginForm("SubmitUpdate", "Test"))
   {%>
   <%= Html.AntiForgeryToken() %>
       <input type="submit" value="Submit" />
<% } %>

有，除了真正的应用程序使用ADFS进行autentication在两个应用程序没有区别。我在想什么？任何帮助将是非常美联社preciated。谢谢！

There is no difference in the two apps except that the real application uses ADFS for autentication. What am I missing? Any help will be highly appreciated. Thanks!

推荐答案

您是否尝试过删除Cookie，然后再次尝试？

Have you tried deleting your cookies and trying again?

这篇关于防伪例外：需要的防伪标记不提供或无效的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！