Anti-forgery validation fails for POST and PUT to REST store

Member since: 2006

I've created a REST store like this:

    public class MyStore : RestControllerBase
        public ActionResult Post()
            return Rest(new { result = "POST works." });

        public ActionResult Get()
            return Rest(new { result = "GET works." });            

        public ActionResult Put()
            return Rest(new { result = "PUT works." });                    

I can get the store just fine in a Dojo widget, and when doing store.get() I get the correct result. It also works when doing a GET request through Postman.

However, when doing a POST or PUT, I get the anti-forgery validation error saying "This request has probably been tampered with. Close the browser and try again."

The stack trace says the requests fails at EPiServer.Shell.Services.Rest.RestHttpHandler.ValidateAntiForgeryToken(HttpContextBase httpContext).

Any bright ideas? :)

#194830 Edited, Jul 04, 2018 10:45
  • Ted
    Member since: 2006

    Nevermind, digging deeper it seemed it was just a matter of mismatching parameters (the actual store was not quite as simple as the sample code). Not supplying a required method parameter produced this somewhat misleading exception. Doh!

    #194835 Edited, Jul 04, 2018 11:19
  • Pa Njie
    Member since: 1994

    Hey Ted,

    Could you please give a bit more detail on how you got this working? I am currently having issues making a post request.


    #198620 Nov 01, 2018 10:45