5

I have an existing website and suddenly some days ago I can't use Google Chrome anymore for developing. When I use a standard edit and create page, I get the above error. But i'm not getting it in Internet Explorer. I use Windows 10 (all updates installed) and VS2013 with Update 4. The project is the latest MVC version. I even checked the web.config but nothing is changed. I deleted all history, cookies, passwords etc. Anyone any idea?

LockTar
  • 5,364
  • 3
  • 46
  • 72

5 Answers5

2

I had the same problem. For me the solution was to both clear my browser cookies and to disable Adblock. Other addons may have the same effect. I believe the problem is limited to the Visual Studio / Chrome development environment and will not occur in production regardless of whether the end user has Adblock enabled or not.

weirdev
  • 1,388
  • 8
  • 20
  • I already done that but didn't work. But thank you for the response – LockTar Feb 20 '15 at 06:46
  • @Ralph Yeah, sorry about that. I'm having the same problem. It occurred while I was in the process of adding SSL to my web app. Clearing cookies allowed the Home page to load, and I thought I had it fixed. But when trying to load any other page the problem still occurs. – weirdev Feb 20 '15 at 16:36
  • 1
    @RalphJansen try disabling any addons you have installed on Chrome. For me, the problem was AdBlock. – weirdev Feb 20 '15 at 22:34
  • You could have a point here. I haven't had the problem today so it is very frustrating for solving the issue. But disabling addons could solve it. If I have the problem again, I will try it. – LockTar Feb 21 '15 at 12:10
  • I had the problem yesterday after a hour working. So I started some sessions with debugging and suddenly everything failed. I tried disabling AdBlock and I added my localhost url to the ignore list but it didn't worked for me... – LockTar Feb 23 '15 at 09:24
2

Do you have a 

<httpCookies requireSSL="true" />

in your Web.config? Change that to false. Then in your transforms files (Web.Prod.config, and other environments that have SSL):

<httpCookies requireSSL="true" xdt:Transform="SetAttributes" />
Serj Sagan
  • 28,927
  • 17
  • 154
  • 183
  • 1
    This could be the solution. I disabled SSL 2 weeks ago and I don't have the problem anymore. I must say that I haven't spend mutch time for that project so i'm not sure. – LockTar Mar 30 '15 at 06:16
  • I suddenly got the same problem again but I don't have ssl enabled so it must be something else... – LockTar Jan 09 '16 at 11:17
1

I'm also having the same issue in recent weeks, but it's also extending cross-browser after originating from Chrome. What's even stranger is that it still works flawlessly with the identical project on a different machine using all browsers. I have gone so far as to uninstall all extensions, delete all cookies / data, sign out of Chrome completely and re-install it. Problem still persists.

On deployment to Azure websites the problem isn't present on any platform. My current work-around is to Ctrl-F [ValidateAntiForgeryToken] and comment out every occurrence, and re-enable it upon deployment. Annoying, but it works.

Mark
  • 535
  • 4
  • 13
  • I don't have it on one other pc. I don't have more machines to test it. I don't have the problem in IE so that is the workaround now for debugging my code... – LockTar Feb 23 '15 at 09:26
  • I had issues with this dealing with only Chrome. It could be due to a misbehaving extension. I tried FireFox and it worked fine. I then tried incognito mode in Chrome and it worked fine as well. https://stackoverflow.com/questions/16793516/anti-forgery-form-field-requestverificationtoken-is-not-present-when-using-j – dmarlow Aug 29 '18 at 20:00
0

This was happening to me in Chrome, and seemed related to using the 'remember me' checkbox on login forms, and closing then re-opening the browser. The token was present on inspecting page source, but was reported as being not present during debugging sessions in visual studio. By clearing the browser cache and not checking the 'remember me' box I did not get the problem - but I don't fully understand why!!

My steps to reproduce the bug in Chrome:

  1. Sign in to your MVC web application, clicking on 'remember me' to make it checked
  2. Close browser
  3. Open browser to your current retained session
  4. Try to sign out - error happens here.

Anyway, the following solution worked for me. Inside your MVC view form, try replacing this:

@Html.AntiForgeryToken()

with:

ViewContext.Writer.Write(Html.AntiForgeryToken().ToHtmlString());
RichL
  • 183
  • 1
  • 10
0

Are you on cloud platform ? chrome emits cookies from cloud domains hence the only way to do it is to map another named domain to your cloud web site

This is probably because browsers like Chrome use the Public Suffix List(https://publicsuffix.org/list/effective_tld_names.dat) to restrict certain cookies. If the domain suffix set on the cookie is shared publicly then the browser may block such a cookie in order to prevent itself from sending "unauthorized" data to other servers running on the same domain.

Sameh
  • 1,318
  • 11
  • 11
  • This would serve better as a comment, not an answer. By the way, what, specifically, is the question asking for? Make sure your answer provides that – or a viable alternative. The answer can be “don’t do that”, but it should also include “try this instead”. Any answer that gets the asker going in the right direction is helpful, but do try to mention any limitations, assumptions or simplifications in your answer. Brevity is acceptable, but fuller explanations are better. – baduker Mar 20 '18 at 19:03