This project is read-only.

Anti Forgery issue during form submitting

Topics: Administration, Core, Customizing Orchard, General, Localization, Troubleshooting, Writing modules, Writing themes
Dec 3, 2012 at 4:17 PM
Edited Dec 3, 2012 at 4:18 PM

I have a custom content part. I'm going to use this part to upload files in admin interface. Of course I have created driver, handler and so on. In directory Views/EditorTemplates/Parts I have custom view. I add following code to that view:


@using (Html.BeginForm("Import", "ImportProducts", FormMethod.Get, new { enctype = "multipart/form-data" }))

    <span>Choose file with CSV extension</span>
    <input type="file" name="file" id="chooseFile"/>


Besides I have a controller ImportProductsController with following action:


public class ImportProductsController : Controller
        public ActionResult Import(HttpPostedFileBase file)
            return new EmptyResult();


But when I click "Save" button I get following exception 


A required anti-forgery token was not supplied or was invalid.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.Web.Mvc.HttpAntiForgeryException: A required anti-forgery token was not supplied or was invalid.

Source Error: 


An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace: 

[HttpAntiForgeryException (0x80004005): A required anti-forgery token was not supplied or was invalid.]
   System.Web.Helpers.AntiForgeryWorker.Validate(HttpContextBase context, String salt) +183730
   Orchard.Mvc.AntiForgery.AntiForgeryAuthorizationFilter.OnAuthorization(AuthorizationContext filterContext) in c:\Build\Orchard\src\Orchard\Mvc\AntiForgery\AntiForgeryAuthorizationFilter.cs:39
   System.Web.Mvc.ControllerActionInvoker.InvokeAuthorizationFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor) +156
   System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +726324
   System.Web.Mvc.Controller.ExecuteCore() +159
   System.Web.Mvc.ControllerBase.Execute(RequestContext requestContext) +334
   System.Web.Mvc.<>c__DisplayClassb.<BeginProcessRequest>b__5() +62
   System.Web.Mvc.Async.<>c__DisplayClass1.<MakeVoidDelegate>b__0() +15
   System.Web.Mvc.<>c__DisplayClasse.<EndProcessRequest>b__d() +52
   Orchard.Mvc.Routes.HttpAsyncHandler.EndProcessRequest(IAsyncResult result) in c:\Build\Orchard\src\Orchard\Mvc\Routes\ShellRoute.cs:147
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +606
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +288


What can I do with that? I tried to use __RequestVerificationToken: '@Html.AntiForgeryTokenValueOrchard()' like this:


@using (Html.BeginForm("Import", "ImportProducts", FormMethod.Get, new { __RequestVerificationToken: '@Html.AntiForgeryTokenValueOrchard()' }))

but it didn't help me. Please, suggest me something. I need resolve this problem tomorrow...

Dec 3, 2012 at 7:23 PM

Look at how the media picker or the media module is doing it.