如何解决 AntiForgeryToken 异常

Question

我想用bootbox.dialog 登录。我使用以下语法发布 HTML.Form：

 $.get("/account/ajaxlogin", function (data2) {
 bootbox.dialog({
      title: '<h4 style="color:white;">Login</h4>',
      message: data2,
      buttons: {
      "success": {
      "label": "Login",
      "className": "btn-large btn-success",
      "callback": function (e) {
       var flag = false;
        $.ajax({
          url: "/account/login",
          data:$("form").serialize(),
          type: "POST",
          success: function (responseData) {}});

当我点击登录按钮时，我得到AntiForgeryToken 异常

The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the <machineKey> configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster.

我在您的 web.config 中添加了手动机器密钥定义

<machineKey validationKey="40146620D52D81D5F0880209AC6F0C62D80686A5D1CC01E3AB1F75FA92B8DC775B0F97745973D9B69373111D6E7C5F4417B1212D7DD947BAE2AC4E2B10E8DECA" decryptionKey="D3231059079250E64E490418C8860435326DBD9946ABED2D9832E66D20F027AF" validation="SHA1" decryption="AES" />

我使用http://aspnetresources.com/tools/keycreator.aspx

Answer 1

几天前我遇到了同样的问题，我解决了它，因为我的页面上有多个@Html.AntiForgeryToken() 代码段。我的页面上有 2 个，一旦我删除了第二个，这个错误就消失了。

或者尝试在 ajax 调用中发送带有数据的 AntiForgeryToken。

data : { __RequestVerificationToken: $('input[name="__RequestVerificationToken"]').val() }