When adding the 'services.AddMvc(options => { options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()); })', I'me getting the following error:
"Error registering the viewer with the service."
Without this option all works fine. I've found the https://localhost:44364/api/reports/clients request returns 400 (Bad Request) error code. It happens even I've added the __requestverificationtoken request header.
The test project can be find here https://drive.google.com/file/d/1hxY64mVx_c0zMYt-9oB3KG2NbPUEugsb/view?usp=sharing
Please, use the link "https://localhost:44364/api/reports/index" to load the reports page.
2 Answers, 1 is accepted
0
Hello Alex,
I tested the provided sample and indeed, I was able to reproduce the error. I must say that I'm not an expert in .NET Core, so I researched further about antiforgery tokens and I was able to fix the problem using the following configuration:
Assuming the script requests to send the token in a header is called __RequestVerificationToken, configure the antiforgery service to look for this __RequestVerificationToken header.
For more information, please check Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core (JavaScript, AJAX, and SPAs section).
Best Regards,
Silviya
Progress Telerik
I tested the provided sample and indeed, I was able to reproduce the error. I must say that I'm not an expert in .NET Core, so I researched further about antiforgery tokens and I was able to fix the problem using the following configuration:
services.AddAntiforgery(options => options.HeaderName = "__RequestVerificationToken");Assuming the script requests to send the token in a header is called __RequestVerificationToken, configure the antiforgery service to look for this __RequestVerificationToken header.
For more information, please check Prevent Cross-Site Request Forgery (XSRF/CSRF) attacks in ASP.NET Core (JavaScript, AJAX, and SPAs section).
Best Regards,
Silviya
Progress Telerik
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Explore the
Telerik Feedback Portal
and vote to affect the priority of the items
0
PaulH
Top achievements
Rank 1
Rank 1
answered on 24 May 2019, 07:45 AM
Given that it's currently working and we're behind schedule we'll leave it as it is and perhaps look at this at a later stage to see if we can get it working.