MVC3 AntiForgeryToken相关问题,深入框架

时间:2012-07-25 13:53:52

标签: c# .net asp.net-mvc-3 antiforgerytoken

我在.Net 4和IIS6(Win2003服务器)上运行MVC3 Web应用程序。我们间歇性地捕获以下错误消息:

System.ArgumentException: Value cannot be null or an empty string.
Parameter name: serializedToken
   at System.Web.Helpers.AntiForgeryDataSerializer.Deserialize(String serializedToken)
   at System.Web.Helpers.AntiForgeryWorker.GetAntiForgeryTokenAndSetCookie(HttpContextBase httpContext, String salt, String domain, String path)
   at System.Web.Helpers.AntiForgeryWorker.GetHtml(HttpContextBase httpContext, String salt, String domain, String path)
   at System.Web.Helpers.AntiForgery.GetHtml(HttpContextBase httpContext, String salt, String domain, String path)
   at System.Web.Mvc.HtmlHelper.AntiForgeryToken(String salt, String domain, String path)
   at System.Web.Mvc.HtmlHelper.AntiForgeryToken()
   at ASP._Page_Views_Introduction_GetStarted_cshtml.Execute() in d:\MyProject\Views\ControllerName\ViewName.cshtml:line 43
   at System.Web.WebPages.WebPageBase.ExecutePageHierarchy()
   at System.Web.Mvc.WebViewPage.ExecutePageHierarchy()
   at System.Web.WebPages.StartPage.RunPage()
   at System.Web.WebPages.StartPage.ExecutePageHierarchy()
   at System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage)
   at System.Web.Mvc.RazorView.RenderView(ViewContext viewContext, TextWriter writer, Object instance)
   at System.Web.Mvc.BuildManagerCompiledView.Render(ViewContext viewContext, TextWriter writer)
   at System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context)
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResult(ControllerContext controllerContext, ActionResult actionResult)
   at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass1c.<InvokeActionResultWithFilters>b__19()
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultFilter(IResultFilter filter, ResultExecutingContext preContext, Func`1 continuation)
   at System.Web.Mvc.ControllerActionInvoker.<>c__DisplayClass1c.<>c__DisplayClass1e.<InvokeActionResultWithFilters>b__1b()
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionResultWithFilters(ControllerContext controllerContext, IList`1 filters, ActionResult actionResult)
   at System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName)

在视图中我们有代码

    using (Html.BeginForm("ActionName", "ControllerName"))
    { 
        @Html.AntiForgeryToken()
        ... other codes ...
    }

接收动作方法看起来像

    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult ActionName()
    {
        // other logic here

        return RedirectToAction("Something", "Something");
    }

我认为编码应该是正确的。有没有人经历过类似的事情?

2 个答案:

答案 0 :(得分:0)

在我写了一些cookie清除代码之后,我得到了这个例外,这些代码清除了cookie而不是删除它们。当 RequestVerificationToken cookie为空时,AntiForgeryToken()似乎失败(即使在GET请求中)。

答案 1 :(得分:0)

尝试从浏览器中删除所有Cookie。也可以在隐身模式下尝试浏览器,也可以尝试不同的浏览器。 我有同样的问题。不接触饼干,这发生了。它表示该问题是由系统还原与Windows密码更改结合引起的。疯..