I just installed ASP.Net MVC 4 RC to replace the beta version of ASP.Net MVC 4. When I try to start an existing application, an error message appears that AntiForgeryToken is outdated. Here is my code:
using (Html.BeginForm("", "", FormMethod.Post, new { id = "MonthElectionForm" })) { @Html.AntiForgeryToken("AddEditMonthElection") }
---- UPDATE ---
ASP.Net MVC 4 RC made the Salt property obsolete for the ValidateAntiForgeryToken attribute and the AntiForgeryToken html helper. So now my code looks like this:
controller:
[HttpPost] [ValidateAntiForgeryToken] public JsonResult CreateCompany(CompanyDataEntryViewModel modelData) {...}
the form:
@using (Html.BeginForm("", "", FormMethod.Post, new { id = "CreateCompanyDataEntryForm" })) { @Html.AntiForgeryToken() ... }
Looking at the generated HTML, AntiForgeryToken still generates a hidden field and provides an encrypted value. My action is still working. But I lost the ability to assign a key for use in the encryption process. I am not too sure how this process works, but before I can say that I set the value of salt in action and form. The values ββmust match for the action to accept the message. So how do you now set the salt value? I think this has something to do with AntiForgeryConfig AdditionalDataProvider, but I cannot find anything that could be used to use AntiForgeryConfig AdditionalDataProvider. Please, help.
thank
asp.net-mvc asp.net-mvc-3 asp.net-mvc-4 antiforgerytoken
Tom Schreck Jun 01 '12 at 13:33 2012-06-01 13:33
source share