Anti-forgery validation fails for POST and PUT to REST store

Ted
Member since: 2006
 

I've created a REST store like this:

    [RestStore("mystore")]
    public class MyStore : RestControllerBase
    {
        [HttpPost]
        public ActionResult Post()
        {
            return Rest(new { result = "POST works." });
        }

        [HttpGet]
        public ActionResult Get()
        {
            return Rest(new { result = "GET works." });            
        }

        [HttpPut]
        public ActionResult Put()
        {
            return Rest(new { result = "PUT works." });                    
        }
    }

I can get the store just fine in a Dojo widget, and when doing store.get() I get the correct result. It also works when doing a GET request through Postman.

However, when doing a POST or PUT, I get the anti-forgery validation error saying "This request has probably been tampered with. Close the browser and try again."

The stack trace says the requests fails at EPiServer.Shell.Services.Rest.RestHttpHandler.ValidateAntiForgeryToken(HttpContextBase httpContext).

Any bright ideas? :)

#194830 Edited, Jul 04, 2018 10:45
  • Ted
    Member since: 2006
     

    Nevermind, digging deeper it seemed it was just a matter of mismatching parameters (the actual store was not quite as simple as the sample code). Not supplying a required method parameter produced this somewhat misleading exception. Doh!

    #194835 Edited, Jul 04, 2018 11:19
  • Pa Njie
    Member since: 1994
     

    Hey Ted,

    Could you please give a bit more detail on how you got this working? I am currently having issues making a post request.

    Thanks

    #198620 Nov 01, 2018 10:45