I am getting the below error at AutoValidateAntiforgeryTokenAttribute:

Error: Antiforgery token validation failed. Validation of the provided antiforgery token failed. The cookie token and the request token were swapped. Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.ViewFeatures.Internal.AutoValidateAntiforgeryTokenAuthorizationFilter'.

I have searched online and on Stack Overflow, but nothing helped. Please let me know what mistake I am making here.

In Startup.cs:

    services.AddMvc(options =>
    {
        options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute());
    }).SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

    services.AddCors(options =>
    {
        options.AddPolicy("AllowAllOrigins",
            builder => { builder.AllowAnyOrigin(); });
    });

    services.AddAntiforgery(options =>
    {
        options.HeaderName = "X-XSRF-TOKEN";
        options.SuppressXFrameOptionsHeader = false;
    });

And I am setting the cookies as below:

    var tokens = _antiforgery.GetAndStoreTokens(_httpContextAccessor.HttpContext);

    Response.Cookies.Append("XSRF-TOKEN", tokens.CookieToken,
        new CookieOptions { HttpOnly = false });
    Response.Cookies.Append("X-CSRF-FORM-TOKEN", tokens.RequestToken,
        new CookieOptions { HttpOnly = false });

From the developer window, I am able to see that the values are being set properly.

In the request header, the same value is being passed.

Bullet

0 Answers
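The question's snippet stores `tokens.CookieToken` in the `XSRF-TOKEN` cookie, and that value is what arrives in the `X-XSRF-TOKEN` header, which matches the "swapped" wording of the error. The following is an added example, not part of the original post: a minimal ASP.NET Core 2.2 `Startup` in which only `tokens.RequestToken` is exposed to script, assuming the client copies the `XSRF-TOKEN` cookie value into the `X-XSRF-TOKEN` header on unsafe requests.

```csharp
using Microsoft.AspNetCore.Antiforgery;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        // The header the client sends back must carry the *request* token.
        services.AddAntiforgery(options => options.HeaderName = "X-XSRF-TOKEN");

        services.AddMvc(options =>
                options.Filters.Add(new AutoValidateAntiforgeryTokenAttribute()))
            .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
    }

    // IAntiforgery is resolved from DI through method injection.
    public void Configure(IApplicationBuilder app, IAntiforgery antiforgery)
    {
        app.Use(async (context, next) =>
        {
            // Issue tokens on safe (GET) requests only.
            if (HttpMethods.IsGet(context.Request.Method))
            {
                // GetAndStoreTokens already writes the cookie token as the
                // framework's own HttpOnly cookie; it is never appended by hand.
                var tokens = antiforgery.GetAndStoreTokens(context);

                // Only the request token goes into a script-readable cookie.
                context.Response.Cookies.Append("XSRF-TOKEN", tokens.RequestToken,
                    new CookieOptions
                    {
                        HttpOnly = false,                 // client script must read it
                        Secure = context.Request.IsHttps, // HTTPS-only when served over HTTPS
                        SameSite = SameSiteMode.Strict
                    });
            }

            await next();
        });

        app.UseMvc();
    }
}
```

With this layout the validation filter compares the framework-managed cookie token against the request token from the header, so the two values are expected to differ.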