The anti-forgery token could not be decrypted
Hans Karlsen (talk | contribs) m (Hans moved page The anti-forgery token could not be decrypted. to The anti-forgery token could not be decrypted: Dot at the end removed) |
(Automatically adding template at the end of the page.) |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the <machineKey> configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster. | The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the <machineKey> configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster. | ||
This page produced by us contains an ID (antiforgerytoken) - it is new each time. | |||
It is generated from | It is generated from a key value on the server (machineKey). | ||
If you have a webfarm (more than one frontend) this key value on the server should be the same for all servers. | If you have a webfarm (more than one frontend), this key value on the server should be the same for all servers. | ||
When [http://asp.net/ ASP.NET] gets a postback from a page with an | When [http://asp.net/ ASP.NET] gets a postback from a page with an anti-forgery token, it tries to verify it. | ||
The goal is to avoid someone taking an old page and re- | The goal is to avoid someone taking an old page and re-posting it multiple times. | ||
If you wait | If you wait for a long time from page gen to postback, the token may expire. | ||
[[Category:MDriven Server]] | |||
{{Edited|July|12|2024}} | |||
Latest revision as of 15:48, 10 February 2024
The anti-forgery token could not be decrypted. If this application is hosted by a Web Farm or cluster, ensure that all machines are running the same version of ASP.NET Web Pages and that the <machineKey> configuration specifies explicit encryption and validation keys. AutoGenerate cannot be used in a cluster.
This page produced by us contains an ID (antiforgerytoken) - it is new each time.
It is generated from a key value on the server (machineKey).
If you have a webfarm (more than one frontend), this key value on the server should be the same for all servers.
When ASP.NET gets a postback from a page with an anti-forgery token, it tries to verify it.
The goal is to avoid someone taking an old page and re-posting it multiple times.
If you wait for a long time from page gen to postback, the token may expire.
This page was edited more than 11 months ago on 02/10/2024. What links here