HTTP-Only Anti-Forgery Token Error. #12323

truist.software created yesterday

ASP.NET CORE MVC & jQuery: v13.3.0 .NET 8

Adding HTTP-Only to the XSRF-TOKEN cookie results in 400 (Bad Request) errors throughout the application. Followed "HTTP-Only Anti-Forgery Token in ASP.NET Zero" blog. https://aspnetzero.com/blog/http-only-anti-forgery-token-in-asp.net-zero..

Attached is a screenshot from DevTools with a service call. All calls throughout the application result in a 400 (Bad Request) error.

0

m.aliozkaya created yesterday
Support Team

Hi @truist.software,

Can you share your request network and the cookies?
0

truist.software created yesterday

Updated with Cookies and Network information.

Have an answer to this question? Log in and write your answer.