1.6, Web Api, and RequestVerificationToken

Topics: Core, Customizing Orchard, General, Writing modules
Nov 17, 2012 at 12:15 PM

Good morning,

   I upgraded from 1.5x (I cloned this and started using Web Api about two months ago) to 1.6, and now I find that all of my Web Api calls are sending back 500 errors. I inspect the response, and it says that the form field "__RequestVerificationToken" isn't present. The question is, why is it suddenly asking for this?

   I then go to the module.txt and make anti-forgery disabled, but I get the exact same errors, it still wants this token. Why is this not adjustable? I feel like it has to be a global variable, and not at the module.txt level, because I just can't seem to use this api without this token.

   Any ideas?



Nov 17, 2012 at 9:50 PM

Bah....it works now without this token needed. Why? I have no idea. Moving on....