Monday, September 4, 2023

AKS The required anti-forgery form field __RequestVerificationToken is not present.

 Problem Statement:

If you migrate from Azure Web app service to Azure kubernetes services you may encounter issues related to Anti-forgery form field or token not exist for your asp.net mvc application or sitecore application.

ValidateHeaderAntiForgeryTokenAttributeError:
System.Web.Mvc.HttpAntiForgeryException (0x80004005): The required anti-forgery form field "__RequestVerificationToken" is not present.
at System.Web.Helpers.AntiXsrf.TokenValidator.ValidateTokens(HttpContextBase httpContext, IIdentity identity, AntiForgeryToken sessionToken, AntiForgeryToken fieldToken)
at System.Web.Helpers.AntiXsrf.AntiForgeryWorker.Validate(HttpContextBase httpContext, String cookieToken, String formToken)


Resolution

nginx is the root cause we need to enable underscore in config of nginx
It just needed underscores in header enable in the config:
https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#enable-underscores-in-headers

enable-underscores-in-headers

Enables underscores in header names. default: is disabled



No comments :