I am trying to use an EditForm in an application with authentication and authorization working correctly. When I tried to submit an EditForm, I get this error:
A valid antiforgery token was not provided with the request. Add an antiforgery token, or disable antiforgery validation for this endpoint.
I have done the following in the Program.cs file:
builder.Services.AddAntiforgery(options =>{ options.FormFieldName = "AntiforgeryFieldname"; options.HeaderName = "X-CSRF-TOKEN-HEADERNAME"; options.SuppressXFrameOptionsHeader = false; options.Cookie.HttpOnly = true; options.Cookie.SameSite = SameSiteMode.Strict; options.Cookie.IsEssential = true; options.Cookie.SecurePolicy = CookieSecurePolicy.None;});// . . . // . . . app.UseAntiforgery();In my EditForm on a Blazor component page, I have:
<EditForm method="post" Model="Membership" OnValidSubmit="AddMembership" FormName="create" Enhance><DataAnnotationsValidator /><ValidationSummary class="text-danger" />When I looked at the page source, this is what the form looked like:
<form data-enhance="" method="post" action="/memberships/create"><input type="hidden" name="_handler" value="create" /><input type="hidden" name="AntiforgeryFieldname" value="CfDJ8KPOziIR...I am not sure what I did wrong. Before implementing authentication and authorization, the EditForm worked correctly.
I expected this to work based on the Microsoft documentation.