ASP.NET MVC: does AntiForgeryToken work in mono?

Question

I'm trying to use the Html.AntiForgeryToken in ASP.NET MVC under Mono (XSP) and it does not work. It throws the following exception. Any ideas?

System.ArgumentNullException: Argument cannot be null.
Parameter name: inputString
  at System.Web.UI.ObjectStateFormatter.Deserialize (System.String inputString) [0x00006] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/ObjectStateFormatter.cs:131 
  at System.Web.UI.HiddenFieldPageStatePersister.Load () [0x00007] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/HiddenFieldPageStatePersister.cs:57 
  at System.Web.UI.Page.LoadPageStateFromPersistenceMedium () [0x0000f] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/Page.cs:1763 
  at System.Web.UI.Page.LoadPageViewState () [0x00000] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/Page.cs:1769 
  at System.Web.UI.Page.RestorePageState () [0x00051] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/Page.cs:1454 
  at System.Web.UI.Page.InternalProcessRequest () [0x001b9] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/Page.cs:1433 
  at System.Web.UI.Page.ProcessRequest (System.Web.HttpContext context) [0x0005b] in /home/danipen/Downloads/mono-2.8/mcs/class/System.Web/System.Web.UI/Page.cs:1261 

Do you know any other way to implement this?

Thanks in advanced.

Edit: This is my view code (it's a partial view). If I remove the line <%= Html.AntiForgeryToken() %> all works fine, in other case it thows the exception described above.

<%@ Control Language="C#" Inherits="System.Web.Mvc.ViewUserControl<Codice.Web.Client.Comment>" %>

<div class="comment" style="background-color: #009ACF">
 <div class="comment-meta">
  <p class="comment-author">
   <span class="avatarimage">
    <%= Html.AvatarFor(Model.CommentInfo.Owner) %>
   </span>
   <strong class="comment-author">
     <%= Html.Encode(Model.GetAuthorString()) %>
   </strong>
   says:
  </p>
  <p class="comment-date">
   <%= Html.TimeAgo(Model.CommentInfo.LocalTimeStamp) %>
  </p>
 </div>

 <div class="comment-body">
  <div class="formatted-content">
   <%= Html.Encode(Model.CommentInfo.Comment) %>
  </div>
  <div class="form-content">
   <% using(Html.BeginForm(
                   "EditComment",
                   "Comments",
                   new
                   {
        repository = Model.Repository,
        commentId = Model.CommentInfo.Id
       },
                   FormMethod.Post,
                   null))
       { %>
           <%= Html.AntiForgeryToken() %>
        <%= Html.TextBox("newComment", Model.CommentInfo.Comment) %>

        <div class="form-actions">
         <a class"edit-cancel minibutton" href="#">
          <span>Cancel</span>
         </a>
         <button class="minibutton" type="submit">
          <span>Update comment</span>
         </button>
        </div>
        <%
       }
   %>
  </div>
 </div>
</div>

Answer 1

Do you have [ValidateAntiForgeryToken] attribute set on you controller action which is serving the POST verb?

Edit: Possible solution for this issue is probably using the newest mono from master branch, because this problem can be replicated on older versions of mono (for example tarball from April 22 is causing the same exception).

Edit 2: What is probably really needed to get this working is setting up valid machineKey element in web.config file. Keys can be generated for example with this utility.