Menu
For all my site pages, after being logged in for a few minutes, i get the following error when I attempt to log out:
The anti-forgery cookie token and form field token do not match.
I read in this link about ways to track this exception down, but since this exception only appears on logout, I wonder if it might just be easier exclude the anti-forgery-token for the logout form altogether. Is that a good idea?
I am using the template login page that is auto-generated with new MVC projects.
Thanks!
489
It is advisable to add the token to a logout form, otherwise someone can create a page that posts to your logout page, logging out your users, which is annoying.
200
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
