Press Ctrl / CMD + C to copy this to your clipboard.
This post will be reported to the moderators as potential spam to be looked at
i'm getting a HTTP 400, when i'm trying to submit a form.
My form markup is equal to the one in the documentation: https://our.umbraco.com/documentation/Fundamentals/Code/Creating-Forms/
the method i'm trying to call is:
public IActionResult SubmitCaseSearch(CaseSearchForm form)
// Do some magic
I hope someone can help me here.
Have you change the markup to call SubmitCaseSearch instead of submit?
Other than that I don't see any problems.
Best regards Frank
Yes, my form looks like this:
I can see that people are talking about issues, with POST, antiforgery token and surface controllers in umbraco 9.
I've just tied removing:
From the form, and now it works :)
Maybe you need this tag [ValidateAntiForgeryToken] for the AntiForgeryToken to work
That does not work out :/
It's still giving me the 404 when i using:
@Html.AntiForgeryToken() in the view, and [ValidateAntiForgeryToken] in the controller.
It looks like .core automaticly adds the AntiForgeryToken:
Here is the sourcecode without:
@Html.AntiForgeryToken() and [ValidateAntiForgeryToken]
Is the name of the Token (input) the same if you use @Html.AntiForgeryToken() ?
Yes, the name attribute is identical with and withour the @Html.AntiForgeryToken()
try use the following:
adding the [FromForm]
public IActionResult SubmitCaseSearch([FromForm] CaseSearchForm form)
// Do some magic
No, Stefan that did not help solving my issue :(
Did you ever find the solution to this? I am running into the same problem.
I have a very basic form and surface controller, and without the antiforgery token they work perfectly. But when i include @Html.AntiForgeryToken() in the form i get a "status code 400: bad request" error. The entire surface controller method wont be executed and debug breakpoints in the method wont be reached.
Perhaps it's a more general asp.net core 5 setting? When googling this issue i came across the following document. It seems that only adding [AutoValidateAntiforgeryToken] for basic post requests seems enough, without explicitly adding @Html.AntiForgeryToken() in the html form.
Can anyone explain how this works exactly?
I think this is because Umbraco automatically adds a AntiForgeryToken for you to the form. If you also have the @Html.AntiForgeryToken, then it'll suddenly have two tokens which causes issues.
If you remove your @Html.AntiForgeryToken and then take a look at your HTML, you'll see that an AntiForgeryToken has already been added as an input.
Yes, an element with the name="__RequestVerificationToken" has been added to the HTML.
So what would be the correct method for checking this token in the controller? [ValidateAntiForgeryToken] or[AutoValidateAntiforgeryToken]? Or something else entirely?
You don't have to do anything with it. If you look at the SurfaceController source code, you can see that there is already a [AutoValidateAntiforgeryToken] attribute on the whole class that'll validate it for you (https://github.com/umbraco/Umbraco-CMS/blob/v9/contrib/src/Umbraco.Web.Website/Controllers/SurfaceController.cs#L20)
Ahh i see! Thanks for the insights Patrick!
is working on a reply...
Write your reply to:
Image will be uploaded when post is submitted