Bad Request - 400 Empty or invalid anti forgery header token #3384

myaccount created 7 years ago

I want call a action with URL from another domain and post a Form Data.

Attribute [DisableAbpAntiForgeryTokenValidation] don't work in this example and I don't want disable :

Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;

and I don't want enable:

private static void EnableCors()
        {
            var cors = new EnableCorsAttribute("*", "*", "*");
            System.Web.Http.GlobalConfiguration.Configuration.EnableCors(cors);
        }

My Action is:

[DisableAbpAntiForgeryTokenValidation]
        [HttpPost]
        public async Task<ActionResult> UserCallBack(int id = 1)
        {
            //MY CODE
            return View();
        }

What is best solution for this error?

I'm using ASP.NET MVC 5.x MPA.

1 Answer(s)

0
dparizek created 4 years ago
I have a similar problem but am willing to try disabling antiforgery - except when I add

Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;

to my ApplicationModule PreInitialize method then I am missing a Using statement as it does not recognize AbpWeb()

What would be the Using statement? I tried using Abp.Configuration.Startup; no luck.

Also, I cannot find any EnableCores function in my codebase... where does that go if I want to enable Cors?

Have an answer to this question? Log in and write your answer.