Uncaught TypeError: Cannot read property 'antiForgery' #3518

kythor created 6 years ago

Hi,

after upgrading to version 1.0.0.0 I get this error when loading the site:

Cannot read property 'antiForgery' of undefined

coming from abp.js

(function(){
    abp.security.antiForgery.tokenCookieName = 'XSRF-TOKEN';
    abp.security.antiForgery.tokenHeaderName = 'X-XSRF-TOKEN';
})();

any help would be appreciated. thx.

7 Answer(s)

alper created 6 years ago

Support Team

the correct code

abp.security = abp.security || {};
    abp.security.antiForgery = abp.security.antiForgery || {};

    abp.security.antiForgery.tokenCookieName = 'XSRF-TOKEN';
    abp.security.antiForgery.tokenHeaderName = 'X-XSRF-TOKEN';

0
kythor created 6 years ago
ok, I updated the complete folder "Abp", so the right updated .js files are used.

but when I try to login now, I get this error:

Request URL:.../Account/Login?returnUrl= Request Method:POST Status Code:400 Empty or invalid anti forgery header token.

what else am I missing?

Request header has this at the end:

X-Requested-With:XMLHttpRequest X-XSRF-TOKEN:null

should it be Null or does it need to contain a value?
0

ismcagdas created 6 years ago
Support Team

Hi @Kythor,

Which version of AspNet Zero Do you use ? Angular1, Angular2, MVC 5.x with jQuery or ASP.NET Core with jQuery ?

Thanks.
0

kythor created 6 years ago

using MVC & jQuery, downloaded in august 2016, so a lot has been changed. abp.js was changed, so to be sure, I copied & overwrite the whole ABP folder on production.

I have found some suggestions about clearing the cookies, but this shouldnt be needed, because its still the same domain, and I dont want my visitors to do that before they can login. <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/issues/2049">https://github.com/aspnetboilerplate/as ... ssues/2049</a>
0

ismcagdas created 6 years ago
Support Team

Hi,

You should also add this line to your _Layout.cshtml file <a class="postlink" href="https://github.com/aspnetzero/aspnet-zero/blob/dev/src/MyCompanyName.AbpZeroTemplate.Web/Views/Layout/_Layout.cshtml#L5">https://github.com/aspnetzero/aspnet-ze ... .cshtml#L5</a>

It sets antiforgery cookie.

thanks.
0

kythor created 6 years ago

this link doesnt work
0

ismcagdas created 6 years ago
Support Team

Hi @Kythor,

It is in private repository. You should login to github wih your username.

If you haven't share your github username with us, please share your username and we will invite you.

Thanks.

Have an answer to this question? Log in and write your answer.