Re: Getting error : No CSRF cookie supplied and CSRF form field is missing.

Nov 1, 2012 at 8:13 AM


I am getting following error after adding anticsrf dll and necessery code in web.config file. 


Server Error in '/Code' Application.

No CSRF cookie supplied and CSRF form field is missing.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: Idunno.AntiCsrf.PotentialCsrfException: No CSRF cookie supplied and CSRF form field is missing.

Source Error: 

Line 283:            {
Line 284:                // Whilst this does lose the stack, that's not really a bad thing here as the exception message is detailed enough.
Line 285:                throw ex;
Line 286:            }
Line 287:        }

Source File: C:\Users\vin\Desktop\anticsrf-69709\Trunk\idunno.AntiCSRF\AntiCsrfModule.cs    Line: 285 

Stack Trace: 

[PotentialCsrfException: No CSRF cookie supplied and CSRF form field is missing.]
   Idunno.AntiCsrf.AntiCsrfModule.RaiseError(Exception ex, HttpContext context) in C:\Users\vin\Desktop\anticsrf-69709\Trunk\idunno.AntiCSRF\AntiCsrfModule.cs:285
   Idunno.AntiCsrf.AntiCsrfModule.PreRequestHandlerExecute(Object source, EventArgs eventArgs) in C:\Users\vin\Desktop\anticsrf-69709\Trunk\idunno.AntiCSRF\AntiCsrfModule.cs:140
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +216
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +120

Version Information: Microsoft .NET Framework Version:2.0.50727.4952; ASP.NET Version:2.0.50727.4955


Pls help.




Apr 12, 2013 at 8:04 PM
am running .NET 4.0 and am having the same error any fix or workaround
Apr 15, 2013 at 8:26 PM
I think i figured it out. if you are testing with cassini which is the integrated web server in Visual studio you will keep getting this error.
however if you deploy the application on a web server IIS it should work just fine, as the cookies are generated from the IIS sever.

I hope this helps someone :)