Question

Opened my application in IE.

Created a dummy HTML file and copied the generated hidden field "__RequestVerificationToken" to the dummy page. On form submit of this HTML file I am calling my service. When I opened this dummy page in another tab in IE and submitted it, I saw that I was successfully able to submit the data.

ValidateAntiforgery Token failed in this case.

Can anyone guide how this kind of issue can be resolved?

Solution 2

I got the answer to my question.

Validate Antiforgery Token compares the cookie value with the __RequestVerificationToken hidden value. So when an HTML page which has the __RequestVerificationToken hidden field value (copied from the application) is opened in a new tab, on submit of this page it passes ValidateAntiforgery validation because the cookie value is the same for both tabs.
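
The comparison described in this answer, as an added example that is not part of the original post and is not ASP.NET MVC's own code: a simplified C# model in which the hidden field is an HMAC over the cookie value (the class name, key and token format are assumptions). It shows that a copied field validates when the request carries the same browser's cookie, and is rejected with another browser's cookie or with no field at all.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Simplified model of a cookie / hidden-field token pair check.
// Assumption: the token format and key handling here are illustrative, not the framework's.
static class AntiForgeryModel
{
    static readonly byte[] ServerKey = RandomBytes(32); // constructed stand-in for the server-side key

    static byte[] RandomBytes(int n)
    {
        var b = new byte[n];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(b);
        return b;
    }

    // Cookie token: random value the server sets once per browser; every tab sends it.
    public static string NewCookieToken() { return Convert.ToBase64String(RandomBytes(16)); }

    // Hidden-field token: a MAC bound to that cookie, rendered into the form.
    public static string FormTokenFor(string cookieToken)
    {
        using (var mac = new HMACSHA256(ServerKey))
            return Convert.ToBase64String(mac.ComputeHash(Encoding.UTF8.GetBytes(cookieToken)));
    }

    // The server sees only what arrives with the request: one cookie and one form field.
    public static bool Validate(string cookieToken, string formToken)
    {
        if (string.IsNullOrEmpty(cookieToken) || string.IsNullOrEmpty(formToken)) return false;
        string expected = FormTokenFor(cookieToken);
        int diff = expected.Length ^ formToken.Length;
        for (int i = 0; i < expected.Length && i < formToken.Length; i++)
            diff |= expected[i] ^ formToken[i]; // compare every character, no early exit
        return diff == 0;
    }

    static void Main()
    {
        string cookieA = NewCookieToken();      // browser A (all of its tabs share this cookie)
        string fieldA = FormTokenFor(cookieA);  // hidden field rendered for browser A
        string cookieB = NewCookieToken();      // a different browser or user

        Console.WriteLine("copied field, same browser:  " + Validate(cookieA, fieldA));
        Console.WriteLine("copied field, other browser: " + Validate(cookieB, fieldA));
        Console.WriteLine("same browser, field missing: " + Validate(cookieA, null));
    }
}
```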

Other tips

Do you mind posting your code in which you put the validation? Maybe something like:

[ValidateAntiForgeryToken(Salt="someArbitraryString")]
public ViewResult SubmitUpdate()
{
    // ... etc
}

Thanks!

License: CC-BY-SA with attribution
Not affiliated with StackOverflow