Skip to content
This repository was archived by the owner on Aug 20, 2024. It is now read-only.

The required antiforgery request token was not provided... #14

Closed
matengo opened this issue Mar 20, 2024 · 7 comments
Closed

The required antiforgery request token was not provided... #14

matengo opened this issue Mar 20, 2024 · 7 comments

Comments

@matengo
Copy link

matengo commented Mar 20, 2024

I'm going crazy over this, have tried to figure this out for hours.. I get this error when trying to use smart paste.

Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The required antiforgery request token was not provided in either form field "__RequestVerificationToken" or header value "RequestVerificationToken".

My setup is Blazor Server. The component is using @rendermode InteractiveServer.
I'm adding inside the form for smart paste. I have app.UseAntiforgery() in program.cs. It seems that the hidden field for the __RequestVerificationToken is not added to the form for some reason that I can't find out.. Been searching for hours on this.
@SteveSandersonMS
Copy link
Contributor

I'm not immediately sure why this would happen, since this sample also uses @rendermode InteractiveServer and does not have this problem.

Are you able to provide minimal repro steps? As in, instructions to create a project that recreates the issue. Or even post your repro project as a GitHub repo.

@SteveSandersonMS
Copy link
Contributor

Thanks for tracking that down! I've been able to repro it based on what you said. This is actually another manifestation of dotnet/aspnetcore#54533 (previously we thought it only applied to WebAssembly, but now you've shown us it can happen for Server too).

I'm going to update Smart Components to avoid this problem permanently now. Will let you know when the update is ready.

@SteveSandersonMS SteveSandersonMS mentioned this issue Mar 20, 2024
Closed
@matengo
Copy link
Author

matengo commented Mar 20, 2024

Thank's for your reply.

After many hours tearing down the application I found something. The "AntiforgeryToken" is not working within a interactive @if().

I have an if statement that shows the form if an Order is not null. So I select an order in a list, if one is selected the form show up with a "AntiforgeryToken" within the form.. Then no antiforgery hidden field is generated.

If I place the outside of the if statement a hidden field with antiforgery shows up...

For example:

Hidden field with antiforgery is not generated:
@if (SelectedOrder)
{
"AntiforgeryToken"
}

Hidden field with antiforgery is generated:

"AntiforgeryToken "
@if (SelectedOrder)
{

}

That one was hard to figure out... Is this a feature? :)

@matengo
Copy link
Author

matengo commented Mar 20, 2024

Thank you!! Sorry that I had to post again, the AntiforgeryToken tag dissapeared in the comment..

@SteveSandersonMS SteveSandersonMS mentioned this issue Mar 20, 2024
Merged
@SteveSandersonMS
Copy link
Contributor

OK, the latest build 0.1.0-preview10145 should resolve this problem. If you confirm it works for you, we can close this as fixed!

@SteveSandersonMS
Copy link
Contributor

Since this is addressed by the latest build, I'll close it.

@matengo
Copy link
Author

matengo commented Mar 21, 2024

OK, the latest build 0.1.0-preview10145 should resolve this problem. If you confirm it works for you, we can close this as fixed!

Works perfectly, thanks!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SteveSandersonMS @matengo