[RESOLVED]MVC5 partial view AntiForgeryToken problem

Hello,

I have an MVC5 webpage which has a partial view. My question is that, should I use  @Html.AntiForgeryToken() on both the webpage and the partial view? or I should use it only on the web page. The reason I am asking is that, when I use  @Html.AntiForgeryToken()
on the partial view I get an error saying the correct token hasn’t been received.

Does anyone know about this?

Thank you

It should be used in any <form> you’re building (and also the [ValidateAntiForgeryToken] attribute on any corresponding action method).

Hi Pranav54,

Thanks for your post.

As BrockAllen said,You should  use it  in any <form> you’re building ,don’t forget to add the attribute ValidateAntiForgeryToken to the controller POST method.

Like this:

@using (Html.BeginForm())
{
    @Html.AntiForgeryToken()
   // @Html.HiddenFor(....)
}
[HttpPost]
[ValidateAntiForgeryToken]
        public ActionResult Index()
        {
            return View();
        }

More information:

#All ASP.NET MVC Forms Need To Include Html.AntiForgeryToken() For Security

http://peterkellner.net/2014/05/19/asp-net-mvc-forms-need-include-html-antiforgerytoken-security/

If there’s anything else I can do for you regarding this matter,please feel free to post back in this forum.

Best Regards,

Eileen

Leave a Reply