The required anti-forgery form field RequestVerificationToken is not present Error in user Registration

Question

I am using Membership create user function  then the following error is occurring      The required anti-forgery form field    RequestVerificationToken  is   not present   How can I fix this

User · Answer

i d like to share mine  i have been following this anti forgerytoken tutorial  using asp net mvc 4 with angularjs  but it throws an exception everytime i request using  http post and i figured out the solution is just add  X-Requested-With    XMLHttpRequest  to the headers of  http post  because it seems like the  filterContext HttpContext Request IsAjaxRequest    does not recognize it as ajax and here is my example code   App js  var headers                  X-Requested-With    XMLHttpRequest                RequestVerificationToken    scope token               Content-Type    application json  charset utf-8                http             method   POST             url  baseURL    Save User             data  JSON stringify  scope formData             headers  headers            then function  values                 alert values data              catch function  err                console log err data                  SaveController   HttpPost     MyValidateAntiForgeryToken    public ActionResult User UserModel usermodel

User · Answer

All the other answers in here are also valid  but if none of them solve the issue it is also worth checking that the actual headers are being passed to the server   For example  in a load balanced environment behind nginx  the default configuration is to strip out the   RequestVerificationToken header before passing the request on to the server  see  simple nginx reverse proxy seems to strip some headers

User · Answer

Also make sure avoid not use  ValidateAntiForgeryToken   under  HttpGet       HttpGet    public ActionResult MethodName

User · Answer

In my EPiServer solution on several controllers there was a ContentOutputCache attribute on the Index action which accepted HttpGet  Each view for those actions contained a form which was posting to a HttpPost action to the same controller or to a different one   As soon as I removed that attribute from all of those Index actions problem was gone

User · Answer

Because this comes up with the first search of this   I had this issue only in Internet Explorer and couldnt figure out the what the issue was  Long story short it was not saving the cookie portion of the Token because our  sub domain had an underscore in it  Worked in Chrome but IE Edge didnt not like it

User · Answer

Sometimes you are writing a form action method with a result list  In this case  you cannot work with one action method  So you have to have two action methods with the same name  One with  HttpGet  and another with  HttpPost  attribute   In your  HttpPost  action method  set  ValidateAntiForgeryToken  attribute and also put  Html AntiForgeryToken   in your html form

User · Answer

You will receive the error even when Cookies are not enabled

User · Answer

In my case I was getting this error while making an AJAX post  it turned out to be that the   RequestVerificationToken value wasn t being passed across in the call  I had to manually find the value of this field and set this as a property on the data object that s sent to the endpoint  i e  data   RequestVerificationToken      input name  quot   RequestVerificationToken quot     val      Example HTML    lt form id  quot myForm quot  gt       Html AntiForgeryToken         lt  -- other input fields -- gt        lt input type  quot submit quot  class  quot submitButton quot  value  quot Submit quot    gt     lt  form gt   Javascript   document  on  click     myForm  submitButton   function        var myData              myData   RequestVerificationToken       myForm input name  quot   RequestVerificationToken quot     val         ajax       type   POST       url  myUrl      data  myData      contentType   application x-www-form-urlencoded  charset utf-8       dataType   json       success  function  response          alert  Form submitted               error  function  e          console error  Error submitting form   e         alert  Error submitting form                   return false    prevent form reload      Controller  HttpPost   Route  quot myUrl quot     ValidateAntiForgeryToken  public async Task lt ActionResult gt  MyUrlAsync MyDto dto

User · Answer

Another possibility for those of us uploading files as part of the request  If the content length exceeds  lt httpRuntime maxRequestLength  size in kilo bytes    gt  and you re using request verification tokens  the browser displays the  The required anti-forgery form field    RequestVerificationToken  is not present  message instead of the request length exceeded message   Setting maxRequestLength to a value large enough to cater for the request cures the immediate issue - though I ll admit it s not a proper solution  we want the user to know the true problem of file size  not that of request verification tokens missing

User · Answer

If anyone experiences the error for the same reason why I experience it  here s my solution   if you had Html AntiForgeryToken      change it to  Html AntiForgeryToken

User · Answer

You have  ValidateAntiForgeryToken  attribute before your action  You also should add  Html AntiForgeryToken   in your form

User · Answer

In my case  I had this javascript on the form submit      form   submit function             input   prop  disabled   true         This was removing the hidden RequestVerificationToken from the form being submitted  I changed that to      form   submit function             input type submit    prop  disabled   true          input type text    prop  readonly   true          input type password    prop  readonly   true             and it worked fine

User · Answer

Make sure in your controller that you have your http attribute like    HttpPost    also add the attribute in the controller     ValidateAntiForgeryToken    In your form on your view you have to write    Html AntiForgeryToken      I had Html AntiForgeryToken    without the   sign while it was in a code block  it didn t give an error in Razor but did at runtime  Make sure you look at the   sign of  Html Ant   if it is missing or not

User · Answer

Like this   The Controller   HttpPost   ValidateAntiForgeryToken  public ActionResult MethodName FormCollection formCollection                  Code Block              The View    using Html BeginForm            Html AntiForgeryToken         lt input name       type  text    gt          rest

User · Answer

Got this error in Chrome with default login for ASP NET with Individual User Accounts   cshtml    using  Html BeginForm  Login    Account   new   ReturnUrl   ViewBag ReturnUrl    FormMethod Post  new    class    form-horizontal   role    form             Html AntiForgeryToken        lt h4 gt Use a local account to log in  lt  h4 gt    Controller    HttpPost   AllowAnonymous   ValidateAntiForgeryToken  public async Task lt ActionResult gt  Login LoginViewModel model  string returnUrl    Solved by clearing site data for the site

User · Answer

In my case  I had this in my web config    lt httpCookies requireSSL  true    gt   But my project was set to not use SSL  Commenting out that line or setting up the project to always use SSL solved it

User · Answer

Another thing that can cause this  just ran into this  is the following  if you for some reason disable all your input fields in your form  it will disable the hidden input field that holds your verification token  when the form will be posted back the token value will be missing and will generate the error that it is missing  so what you need to do is to re-enable the input field that holds the verification token and all will be well

User · Answer

In my case incorrect domain in web config for cookies was the reason    lt httpCookies domain   wrong domain com    gt

User · Answer

In my case it was due to adding requireSSL true to httpcookies in webconfig which made the AntiForgeryToken stop working  Example    lt system web gt     lt httpCookies httpOnlyCookies  true  requireSSL  true   gt   lt  system web gt    To make both requireSSL true and  Html AntiForgeryToken   work I added this line inside the Application BeginRequest in Global asax      protected void Application BeginRequest object sender  EventArgs e          AntiForgeryConfig RequireSsl   HttpContext Current Request IsSecureConnection

[asp.net-mvc-4] The required anti-forgery form field "__RequestVerificationToken" is not present Error in user Registration

Examples related to asp.net-mvc-4

Examples related to asp.net-membership