Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Bad Request - 400 Empty or invalid anti forgery header token #3384


User avatar
0
myaccount created

Hi

I want call a action with URL from another domain and post a Form Data.

Attribute [DisableAbpAntiForgeryTokenValidation] don't work in this example and I don't want disable :

Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;

and I don't want enable:

private static void EnableCors()
        {
            var cors = new EnableCorsAttribute("*", "*", "*");
            System.Web.Http.GlobalConfiguration.Configuration.EnableCors(cors);
        }

My Action is:

[DisableAbpAntiForgeryTokenValidation]
        [HttpPost]
        public async Task<ActionResult> UserCallBack(int id = 1)
        {
            //MY CODE
            return View();
        }

What is best solution for this error?

I'm using ASP.NET MVC 5.x MPA.


1 Answer(s)
  • User Avatar
    0
    dparizek created

    I have a similar problem but am willing to try disabling antiforgery - except when I add

    Configuration.Modules.AbpWeb().AntiForgery.IsEnabled = false;
    

    to my ApplicationModule PreInitialize method then I am missing a Using statement as it does not recognize AbpWeb()

    What would be the Using statement? I tried using Abp.Configuration.Startup; no luck.

    Also, I cannot find any EnableCores function in my codebase... where does that go if I want to enable Cors?