Open Closed

Error when saving anything under 'My Account' for a user's profile #4943


User avatar
0
balessi75 created

ABP Commercial 7.0.1 / Blazor Server / EF / Non tiered / Separate Host DB, Separate Tenant DBs

Hi,

We are receiving the ABP error "An error has occurred! Error detail not sent by server" whenever something is saved on the user profile / my account area. Everything works fine in local development, but the error occurs when we deploy the app (Azure App Service).

No exception is logged when the error occurs, but we see a ERR_TOO_MANY_REDIRECTS in the browser console. I've included the log when saving 'Personal Info' on the 'My Account' screen below.

We see the following in the log The required antiforgery header value "RequestVerificationToken" is not present. Authorization failed for the request at filter 'Volo.Abp.AspNetCore.Mvc.AntiForgery.AbpAutoValidateAntiforgeryTokenAuthorizationFilter'.

We are using the Lepton theme.

Please advise as to what might be causing this issue when the app is deployed.

2023-04-22 15:58:30.105 +00:00 [INF] Request starting HTTP/1.1 PUT http://dev.nvisiononline.net/api/account/my-profile application/json 340
2023-04-22 15:58:30.216 +00:00 [INF] Executing endpoint 'Volo.Abp.Account.ProfileController.UpdateAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2023-04-22 15:58:30.216 +00:00 [INF] Route matched with {area = "account", controller = "Profile", action = "Update", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Volo.Abp.Account.ProfileDto] UpdateAsync(Volo.Abp.Account.UpdateProfileDto) on controller Volo.Abp.Account.ProfileController (Volo.Abp.Account.Pro.Public.HttpApi).
2023-04-22 15:58:30.216 +00:00 [WRN] The required antiforgery header value "RequestVerificationToken" is not present.
2023-04-22 15:58:30.216 +00:00 [INF] Authorization failed for the request at filter 'Volo.Abp.AspNetCore.Mvc.AntiForgery.AbpAutoValidateAntiforgeryTokenAuthorizationFilter'.
2023-04-22 15:58:30.217 +00:00 [INF] Executing StatusCodeResult, setting HTTP status code 400
2023-04-22 15:58:30.217 +00:00 [INF] Executed action Volo.Abp.Account.ProfileController.UpdateAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 0.536ms
2023-04-22 15:58:30.217 +00:00 [INF] Executed endpoint 'Volo.Abp.Account.ProfileController.UpdateAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2023-04-22 15:58:30.225 +00:00 [INF] Request finished HTTP/1.1 PUT http://dev.nvisiononline.net/api/account/my-profile application/json 340 - 302 - - 119.6890ms
2023-04-22 15:58:30.251 +00:00 [INF] Request starting HTTP/1.1 PUT http://dev.nvisiononline.net/Error?httpStatusCode=400 application/json 340
2023-04-22 15:58:30.255 +00:00 [INF] Executing endpoint 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController.Index (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared)'
2023-04-22 15:58:30.256 +00:00 [INF] Route matched with {action = "Index", controller = "Error", area = "", page = ""}. Executing controller action with signature System.Threading.Tasks.Task`1[Microsoft.AspNetCore.Mvc.IActionResult] Index(Int32) on controller Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared.Controllers.ErrorController (Volo.Abp.AspNetCore.Mvc.UI.Theme.Shared).
2023-04-22 15:58:30.256 +00:00 [WRN] The required antiforgery header value "RequestVerificationToken" is not present.
2023-04-22 15:58:30.256 +00:00 [INF] Authorization failed for the request at filter 'Volo.Abp.AspNetCore.Mvc.AntiForgery.AbpAutoValidateAntiforgeryTokenAuthorizationFilter'.
2023-04-22 15:58:30.256 +00:00 [INF] Executing StatusCodeResult, setting HTTP status code 400

5 Answer(s)
  • User Avatar
    0
    balessi75 created

    Update:

    When we run the deployed application using Azure App Service's default URL.. {appname}.azurewebsites.net... everything works fine.

    However, for production, we need to map the {appname}.azurewebsites.net URL to a different production URL using DNS and Azure's Application Gateway service.

    We receive the errors only when accessing the production mapped URL.

    Our app works as expected in every way under the production URL, except for the saving of a user's profile (My Account).

    Is there an override or workaround?

    Thanks in advance.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Is this working for you? https://support.abp.io/QA/Questions/4603/AntiforgeryValidationException-while-trying-to-enter-SettingManagement

  • User Avatar
    0
    balessi75 created

    HI @liangshiwei

    Thank you. I'm waiting for our TLS certs to be issued and I expect the issue(s) to be resolved once we are running https.

    I'll follow up and confirm the resolution soon...

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    ok

  • User Avatar
    0
    balessi75 created

    The issue was resolved once using https.

    Thanks

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11