StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PORequestVerificationToken does not match
primarykey
Id
7766975
data
AcceptedAnswerId
7871772
AnswerCount
3
ClosedDate
CommentCount
9
CommunityOwnedDate
CreationDate
2011-10-14T11:31:32.790
FavoriteCount
18
LastActivityDate
2014-11-07T18:02:32.123
LastEditDate
2011-10-14T18:48:31.517
LastEditorUserId
168868
OwnerUserId
307976
ParentId
0
PostTypeId
1
Score
35
ViewCount
40850
LastEditorDisplayName
text
Body
I have a problem with the anti CRSF MVC mechanism. The cookie and the form input returned does not match. I'm getting an error every single time, only in one specific page. In the rest of the application it works well. The server is returning <code>HTTP 500 Internal Server Error</code> and I can see on the log this exception: <blockquote> [System.Web.Mvc.HttpAntiForgeryException]: {"A required anti-forgery token was not supplied or was invalid."} </blockquote> This is the hidden input that the server is generating is: <pre><code><input name="__RequestVerificationToken" type="hidden" value="QK8P7rjyZE6Vm5seY7Fr704YCOoFGdTIMzl1W7R0ZFpXSMjGKLG2T05DfFSYTxvtQCEx7DDT69DGsDB2+ZXFHY8oAjiKz0gw8BhDFywgmfIpoXnGpj7fONNzIIfvbrDrE9WJsMu6Io/0bDLM5WfKs0zktiNjyOWpfYrmnfINYmjW8NLOZFoz74xTcgTptAld"> </code></pre> And this is the Cookie returned: <pre><code>Set-Cookie:__RequestVerificationToken_L2VGbG93=skmTAVI8HCbfxDS+xhioIMIISL3UOBI7qJM1JbHjTtAqKl4W70pDUcTKMm0p3R3mrHDziE8vXw0C0OO4HArzWO1/e6py+v/cFdbe9maFgjl4jMiZ9Wc4YIhC6+IUXkk6yqJDJ8dCIr8qtGaYcD9IX+m7/SlVhu521KQSWJYRcaY=; path=/; HttpOnly </code></pre> When I examine what the server is sending, the cookie is exactly the same, but the payload has different encoding I think: <pre><code>__RequestVerificationToken:QK8P7rjyZE6Vm5seY7Fr704YCOoFGdTIMzl1W7R0ZFpXSMjGKLG2T05DfFSYTxvtQCEx7DDT69DGsDB2%2BZXFHY8oAjiKz0gw8BhDFywgmfIpoXnGpj7fONNzIIfvbrDrE9WJsMu6Io%2F0bDLM5WfKs0zktiNjyOWpfYrmnfINYmjW8NLOZFoz74xTcgTptAld </code></pre> The differences are in two characters that appear encoded: <pre><code> / -> %2F + -> %2B </code></pre> Those are the only differences I can find between the hidden input field, and the post payload. What could be the problem that is causing that <code>ValidateAntiForgeryToken</code> fails in verify the token? Regards.
Tags
<asp.net-mvc><asp.net-mvc-3><security><csrf><antiforgerytoken>
Title
RequestVerificationToken does not match
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USCharles
UserOwnerUserId
1. USvtortola
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
3. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
3. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PORequestVerificationToken does not match
 UserUserId
 USstevenrcfox
 VoteTypeVoteTypeId
 VTBountyStart
2. VO
 singulars
 PostPostId
 PORequestVerificationToken does not match
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 PORequestVerificationToken does not match
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.