[Fixed] HttpAntiForgeryException: The provided anti-forgery token was meant for user “”, but the current user is “userName”.
In this article, I am going to explain how to do we can fix HttpAntiForgeryException. I was working on asp.net MVC project and it was the exception occurring most of the time on the production server. I got many exception messages from the rollbar.
I did google research and found some methods like it may be due to someone double click the login button. I tried to disable the login button once clicked but didn’t help me out.
Then I did more research and found other ways but nothing work. At the last, I got a very simple solution which I’m going to share with you guys.
Why It happen?
It happens when user login with valid credentials and once logged in and re-directed to another page. After that, he presses the browser back button will show the login page again. He entered the valid credentials again that time this exception will occur
HttpAntiForgeryException: The provided anti-forgery token was meant for user “”, but the current user is “userName”.
How to Fix it?
Please add [OutputCache(NoStore=true, Duration = 0, VaryByParam= “None”)] this line to your login get method. It will work like charm or see below working method.
[AllowAnonymous] [HttpGet] [OutputCache(NoStore=true, Duration = 0, VaryByParam= "None")] public ActionResult Login(string returnUrl) { ViewBag.ReturnUrl = returnUrl; return View(); }
Once you fixed it, you can try above scenario again to test it will work now.
Don’t forget to comment and share this article.
It didnot work for me 🙁
why did this solution works and why asp login not includes this feature.can this other controler have problems becouse of this??
I’m not sure, I didn’ dig into the reason. 🙂
Your code in the text is:
VaryByParam= “None”)–>wrong / Not working
the code in sample is VaryByParam= “None”)] –>correct/working
Yes! I am talking about “” and “”… Double quotations!
Thanks anyways. It works for me
It’s not my fault. I added double quotations, but sometimes rendering issue. Anyway glad to hear it worked for you.
It worked for me
Glad to hear!