MVC "LogOut" controller causes "The resource cannot be found." error when using "ValidateAntiForgeryToken" attribute

Question

When I add "ValidateAntiForgeryToken" attribute to my LoggOff controller, it doesn't map my controller and raises "The resource cannot be found." error. What is the problem? Here is my controller:

// POST
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult LogOff()
{
    AuthenticationManager.SignOut();
    return RedirectToAction("Index", "Home");
}

Here is my view:

@using Microsoft.AspNet.Identity
@if (Request.IsAuthenticated)
{
    using (Html.BeginForm("LogOff", "Account", FormMethod.Post, new { id =    "__RequestVerificationToken", @class = "navbar-right" }))
    {
    @Html.AntiForgeryToken()

    <ul class="nav navbar-nav navbar-right">
        <li>@Html.ActionLink("User: " + User.Identity.GetUserName(), "Manage", "Account", routeValues: null, htmlAttributes: new { title = "Manage" })</li>
        <li>@Html.ActionLink("Log Off", "LogOff", "Account")</li>
    </ul>
    }
}
else
{
    <ul class="nav navbar-nav navbar-right">
        <li>@Html.ActionLink("Register", "Register", "Account", routeValues: null, htmlAttributes: new { id = "registerLink" })</li>
        <li>@Html.ActionLink("Log in", "Login", "Account", routeValues: null, htmlAttributes: new { id = "loginLink" })</li>
    </ul>
}

score 1 · Accepted Answer · answered Apr 22 '14 at 12:35

you are not posting the form when you log off

this line will create a GET request

<li>@Html.ActionLink("Log Off", "LogOff", "Account")</li>

you need to add a submit button eg

<a href="javascript:document.getElementById('__RequestVerificationToken').submit()">Logout</a>

score 0 · Answer 2 · answered Apr 27 '18 at 09:17

0

Test this solution web.config, I had this problem and I had forgotten to uncomment tags

answered Apr 27 '18 at 09:17

Jahed Kabiri

115
5

MVC "LogOut" controller causes "The resource cannot be found." error when using "ValidateAntiForgeryToken" attribute

2 Answers2