Click here to Skip to main content
14,241,236 members
Rate this:
Please Sign up or sign in to vote.
See more:
At Backend, I have used asp.net web API and I can validate the token by comparing hidden field token and cookies token as shown below:

try
{
  string cookieToken, formToken;
  AntiForgery.GetTokens(null, out cookieToken, out formToken);

  CookieHeaderValue cookie = Request.Headers
                                    .GetCookies(AntiForgeryConfig.CookieName)
                                    .FirstOrDefault();
  if (cookie != null)
  {
    Stream requestBufferedStream = Request.Content.ReadAsStreamAsync().Result;
    requestBufferedStream.Position = 0;
    NameValueCollection myform = Request.Content.ReadAsFormDataAsync().Result;
    try
    {
      AntiForgery.Validate(cookie[AntiForgeryConfig.CookieName].Value,
       myform[AntiForgeryConfig.CookieName]);
    }
    catch (Exception ex)
    {
      throw new HttpResponseException(
       new HttpResponseMessage(HttpStatusCode.Unauthorized));
    }
  }
}


But the main problem is: I am not able to set csrf token using asp.net web API and also the same not able to receive the same csrf token in vue js.

I have a separate project as backend(asp.net web API) and frontend (Vue).




What I have tried:

I only know to validate the token as given above.
Posted

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100