Open Closed

Bad Request - 400 Empty or invalid anti forgery header token #3384

myaccount created


I want call a action with URL from another domain and post a Form Data.


Attribute [DisableAbpAntiForgeryTokenValidation] don't work in this example and I don't want disable :

Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;

and I don't want enable:

private static void EnableCors()
            var cors = new EnableCorsAttribute("*", "*", "*");

My Action is:

        public async Task<ActionResult> UserCallBack(int id = 1)
            //MY CODE
            return View();

What is best solution for this error?

I'm using ASP.NET MVC 5.x MPA.

1 Answer(s)
  • 0
    dparizek created

    I have a similar problem but am willing to try disabling antiforgery - except when I add

    Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;

    to my ApplicationModule PreInitialize method then I am missing a Using statement as it does not recognize AbpWeb()

    What would be the Using statement? I tried using Abp.Configuration.Startup; no luck.

    Also, I cannot find any EnableCores function in my codebase... where does that go if I want to enable Cors?