I am trying to use an EditForm
in an application with authentication and authorization working correctly. When I tried to submit an EditForm
, I get this error:
A valid antiforgery token was not provided with the request. Add an antiforgery token, or disable antiforgery validation for this endpoint.
I have done the following in the Program.cs
file:
builder.Services.AddAntiforgery(options =>
{
options.FormFieldName = "AntiforgeryFieldname";
options.HeaderName = "X-CSRF-TOKEN-HEADERNAME";
options.SuppressXFrameOptionsHeader = false;
options.Cookie.HttpOnly = true;
options.Cookie.SameSite = SameSiteMode.Strict;
options.Cookie.IsEssential = true;
options.Cookie.SecurePolicy = CookieSecurePolicy.None;
});
// . . .
// . . .
app.UseAntiforgery();
In my EditForm
on a Blazor component page, I have:
<EditForm method="post" Model="Membership" OnValidSubmit="AddMembership" FormName="create" Enhance>
<DataAnnotationsValidator />
<ValidationSummary class="text-danger" />
<input typeof="hidden" id="AntiforgeryFieldname"/>
I am not sure what I did wrong. Before implementing authentication and authorization, the EditForm
worked correctly.
I expected this to work based on the Microsoft documentation.