Asp.net mvc 所需的防伪cookie“__RequestVerificationToken“;他不在场。MVC5
所需的防伪cookie“\uu RequestVerificationToken”不存在 当用户尝试注册时,它很少出现 我用的是Elmah tracker。来自客户端的数据具有表单字段“\uu RequestVerificationToken” 我找不出原因。请查看以下数据 提前谢谢Asp.net mvc 所需的防伪cookie“__RequestVerificationToken“;他不在场。MVC5,asp.net-mvc,cookies,Asp.net Mvc,Cookies,所需的防伪cookie“\uu RequestVerificationToken”不存在 当用户尝试注册时,它很少出现 我用的是Elmah tracker。来自客户端的数据具有表单字段“\uu RequestVerificationToken” 我找不出原因。请查看以下数据 提前谢谢 <error application="/LM/W3SVC/3/ROOT" host="N816A" type="System.Web.Mvc.HttpAntiForgeryException" messag
<error application="/LM/W3SVC/3/ROOT" host="N816A" type="System.Web.Mvc.HttpAntiForgeryException" message="The required anti-forgery cookie "__RequestVerificationToken" is not present." source="System.Web.WebPages" detail="System.Web.Mvc.HttpAntiForgeryException (0x80004005): The required anti-forgery cookie "__RequestVerificationToken" is not present.
at System.Web.Helpers.AntiXsrf.TokenValidator.ValidateTokens(HttpContextBase httpContext, IIdentity identity, AntiForgeryToken sessionToken, AntiForgeryToken fieldToken)
at System.Web.Helpers.AntiXsrf.AntiForgeryWorker.Validate(HttpContextBase httpContext)
at System.Web.Mvc.ControllerActionInvoker.InvokeAuthorizationFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor)
at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass21.<BeginInvokeAction>b__19(AsyncCallback asyncCallback, Object asyncState)" time="2015-06-20T10:35:41.3420000Z" statusCode="500">
<serverVariables>
<item name="ALL_HTTP">
<value string="HTTP_CONNECTION:keep-alive
HTTP_CONTENT_LENGTH:328
HTTP_CONTENT_TYPE:application/x-www-form-urlencoded
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
HTTP_ACCEPT_ENCODING:gzip, deflate
HTTP_ACCEPT_LANGUAGE:en-us
HTTP_HOST:www.----.com
HTTP_REFERER:https://www.----.com/Account/Login
HTTP_USER_AGENT:Mozilla/5.0 (iPad; CPU OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F69 Safari/600.1.4
HTTP_ORIGIN:https://www.----.com
"/>
</item>
<item name="ALL_RAW">
<value string="Connection: keep-alive
Content-Length: 328
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-us
Host: www.----.com
Referer: https://www.----.com/Account/Login
User-Agent: Mozilla/5.0 (iPad; CPU OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F69 Safari/600.1.4
Origin: https://www.----.com
"/>
</item>
<item name="APPL_MD_PATH">
<value string="/LM/W3SVC/3/ROOT"/>
</item>
<item name="APPL_PHYSICAL_PATH">
<value string="D:\WebSite\----\"/>
</item>
<item name="AUTH_TYPE">
<value string=""/>
</item>
<item name="AUTH_USER">
<value string=""/>
</item>
<item name="AUTH_PASSWORD">
<value string="*****"/>
</item>
<item name="LOGON_USER">
<value string=""/>
</item>
<item name="REMOTE_USER">
<value string=""/>
</item>
<item name="CERT_COOKIE">
<value string=""/>
</item>
<item name="CERT_FLAGS">
<value string=""/>
</item>
<item name="CERT_ISSUER">
<value string=""/>
</item>
<item name="CERT_KEYSIZE">
<value string="128"/>
</item>
<item name="CERT_SECRETKEYSIZE">
<value string="2048"/>
</item>
<item name="CERT_SERIALNUMBER">
<value string=""/>
</item>
<item name="CERT_SERVER_ISSUER">
<value string="C=GB, S=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SSL CA"/>
</item>
<item name="CERT_SERVER_SUBJECT">
<value string="OU=Domain Control Validated, OU="Hosted by Korea Information Certificate Authority, Inc.", OU=COMODO SSL, CN=www.----.com"/>
</item>
<item name="CERT_SUBJECT">
<value string=""/>
</item>
<item name="CONTENT_LENGTH">
<value string="328"/>
</item>
<item name="CONTENT_TYPE">
<value string="application/x-www-form-urlencoded"/>
</item>
<item name="GATEWAY_INTERFACE">
<value string="CGI/1.1"/>
</item>
<item name="HTTPS">
<value string="on"/>
</item>
<item name="HTTPS_KEYSIZE">
<value string="128"/>
</item>
<item name="HTTPS_SECRETKEYSIZE">
<value string="2048"/>
</item>
<item name="HTTPS_SERVER_ISSUER">
<value string="C=GB, S=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO SSL CA"/>
</item>
<item name="HTTPS_SERVER_SUBJECT">
<value string="OU=Domain Control Validated, OU="Hosted by Korea Information Certificate Authority, Inc.", OU=COMODO SSL, CN=www.----.com"/>
</item>
<item name="INSTANCE_ID">
<value string="3"/>
</item>
<item name="INSTANCE_META_PATH">
<value string="/LM/W3SVC/3"/>
</item>
<item name="LOCAL_ADDR">
<value string="10.57.14.250"/>
</item>
<item name="PATH_INFO">
<value string="/Account/Register"/>
</item>
<item name="PATH_TRANSLATED">
<value string="D:\WebSite\----\Account\Register"/>
</item>
<item name="QUERY_STRING">
<value string=""/>
</item>
<item name="REMOTE_ADDR">
<value string="222.152.222.107"/>
</item>
<item name="REMOTE_HOST">
<value string="222.152.222.107"/>
</item>
<item name="REMOTE_PORT">
<value string="57745"/>
</item>
<item name="REQUEST_METHOD">
<value string="POST"/>
</item>
<item name="SCRIPT_NAME">
<value string="/Account/Register"/>
</item>
<item name="SERVER_NAME">
<value string="www.----.com"/>
</item>
<item name="SERVER_PORT">
<value string="443"/>
</item>
<item name="SERVER_PORT_SECURE">
<value string="1"/>
</item>
<item name="SERVER_PROTOCOL">
<value string="HTTP/1.1"/>
</item>
<item name="SERVER_SOFTWARE">
<value string="Microsoft-IIS/7.5"/>
</item>
<item name="URL">
<value string="/Account/Register"/>
</item>
<item name="HTTP_CONNECTION">
<value string="keep-alive"/>
</item>
<item name="HTTP_CONTENT_LENGTH">
<value string="328"/>
</item>
<item name="HTTP_CONTENT_TYPE">
<value string="application/x-www-form-urlencoded"/>
</item>
<item name="HTTP_ACCEPT">
<value string="text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"/>
</item>
<item name="HTTP_ACCEPT_ENCODING">
<value string="gzip, deflate"/>
</item>
<item name="HTTP_ACCEPT_LANGUAGE">
<value string="en-us"/>
</item>
<item name="HTTP_HOST">
<value string="www.----.com"/>
</item>
<item name="HTTP_REFERER">
<value string="https://www.----.com/Account/Login"/>
</item>
<item name="HTTP_USER_AGENT">
<value string="Mozilla/5.0 (iPad; CPU OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F69 Safari/600.1.4"/>
</item>
<item name="HTTP_ORIGIN">
<value string="https://www.----.com"/>
</item>
</serverVariables>
<form>
<item name="__RequestVerificationToken">
<value string="NfS-jtWU5SbI8M605BxJI9soh5wRn0BSrDoxLUFbwH_rQfwWZ3R60I1h2uPosZOMnhYpcjgh5Mg5tjDDziNKGZBFTVw1"/>
</item>
<item name="UserName">
<value string="----"/>
</item>
<item name="Password">
<value string="----"/>
</item>
<item name="ConfirmPassword">
<value string="----"/>
</item>
<item name="RealName">
<value string="Earl ----"/>
</item>
<item name="Email">
<value string="----@gmail.com"/>
</item>
<item name="Birth">
<value string="1984-05-08"/>
</item>
<item name="PhoneNumber">
<value string="083566----"/>
</item>
<item name="AcceptPolicyAndTerm">
<value string="true"/>
<value string="false"/>
</item>
</form>
<cookies>
<item name="ASP.NET_SessionId">
<value string="1avxrf2rgcawh0nywaed03bd"/>
</item>
</cookies>
</error>
AntiForgeryTokens基于登录的用户名和其他内容,因此它将失败并抛出错误。看起来这就是发生在你身上的事情,因为它是在登录方法上。基本上,将未授权用户的令牌与授权用户的预期令牌值进行比较 您可能必须从登录页面中删除antiforgery令牌。关于这个话题已经进行了大量旷日持久的讨论,没有人能够达成共识 以下是其中一些:
- “”
- “”