Banging my head up against this issue for a while now.
Basically, with the current version of MvcBridge, if I make an AJAX call in a form, and then want to post the form with the retrieved information, MvcBridge doesn't recognise the AntiForgeryToken and changes the request type from POST to GET.
This wasn't a problem with the old Form Token, as the form token was passed in unencoded text back to the form as a hidden field. With the AntiForgeryToken, a cookie is used to verify the token, and each time the form is posted a new token is generated. So Posting to AJAX causes the AntiForgeryToken on the server to change, leaving the value contained in the form stale and invalidated.
I'm still investigating, but haven't yet found a way around this. Any thoughts?
Ajax breaks Form POST (AntiForgeryToken support)
Banging my head up against this issue for a while now.
Basically, with the current version of MvcBridge, if I make an AJAX call in a form, and then want to post the form with the retrieved information, MvcBridge doesn't recognise the AntiForgeryToken and changes the request type from POST to GET.
This wasn't a problem with the old Form Token, as the form token was passed in unencoded text back to the form as a hidden field. With the AntiForgeryToken, a cookie is used to verify the token, and each time the form is posted a new token is generated. So Posting to AJAX causes the AntiForgeryToken on the server to change, leaving the value contained in the form stale and invalidated.
I'm still investigating, but haven't yet found a way around this. Any thoughts?
- Rob
is working on a reply...