Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unhandled HttpAntiForgeryException when submitting Register form when JavaScript is disabled in the browser. #1291

Closed
claycompton opened this issue Jul 1, 2013 · 2 comments
Closed

Unhandled HttpAntiForgeryException when submitting Register form when JavaScript is disabled in the browser. #1291

claycompton opened this issue Jul 1, 2013 · 2 comments
Assignees
@analogrelay
Milestone
7/19 QA (8/2 Prod...

Comments

@claycompton
Copy link

To repro:

  1. Disable JavaScript in your browser of choice. In IE, add qa.nugettest.org to the Restricted Sites zone and set Active Scripting to disable for that zone.
  2. Navigate to https://qa.nugettest.org/account/Register.
  3. Without typing anything in any of the fields, click 'Submit'.

Result: You'll get the White Screen of Death. A review of error logs shows that the underlying error is:

System.Web.Mvc.HttpAntiForgeryException: 
The required anti-forgery cookie "__RequestVerificationToken" is not present.

The full stack trace is available at https://qa.nugettest.org/Admin/Errors.axd/detail?id=107.

Expected: No such error. We should, as far as possible, support clients that don't have JavaScript enabled.
@ghost ghost assigned analogrelay Jul 2, 2013
@claycompton claycompton mentioned this issue Jul 13, 2013
Closed
@analogrelay
Copy link
Contributor

See #1315 for another case where this occurs and should be fixed.

@analogrelay
Copy link
Contributor

The problem isn't JavaScript, it's Cookies. When IE requests a site in Restricted Sites, it refuses to send any of the cookies. I'll do a quick pass to see if I can report the error slightly better but if not I'm just going to "Won't Fix" this as our site requires cookies for many reasons.

@analogrelay analogrelay mentioned this issue Jul 15, 2013
Merged
@johnataylor johnataylor mentioned this issue Jul 16, 2013
Merged
analogrelay added a commit that referenced this issue Jul 18, 2013
@analogrelay
Merge pull request #1326 from NuGet/anurse-1291-antiforgeryfailure
3846ebc 
Fix #1291 by providing a descriptive error when Anti-Forgery validation fails
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@analogrelay analogrelay

Labels
None yet
Projects
None yet
Milestone
7/19 QA (8/2 Production)
Development

No branches or pull requests
2 participants
@analogrelay @claycompton