- ABP Framework version: v8.0.0 rc2
- UI Type: Maui
- Database System: EF Core (PostgreSQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
Hello I am having problem with maui application when i do posts to the api. HttpStatusCode:400 returns every time, is sth changed on antiforgery token middleware on version 8?
I didn't have this problem on v7.4.
To reproduce the problem just create a new project from scratch with v8 rc2.
abp new BookStore -t app-pro -u angular -dbms PostgreSQL --separate-auth-server -m maui -csf --preview
then try to run maui app and **create a new user **(or try to do any post or put). you will get an error. Bad Request with status code 400
is there a way to ignore antiforgery token check for mobile app calls only.
3 Answer(s)
-
0
Hi,
It's a bug, we will fix it in the next patch version. Your ticket was refunded.
Now you can try update the
GetInsecureHandlermethod:private static HttpMessageHandler GetInsecureHandler() { #if ANDROID var handler = new HttpClientHandler() { UseCookies = false }; handler.ServerCertificateCustomValidationCallback = (message, cert, chain, errors) => { if (cert is { Issuer: "CN=localhost" }) { return true; } return errors == System.Net.Security.SslPolicyErrors.None; }; return handler; #elif IOS var handler = new NSUrlSessionHandler { UseCookies = false, TrustOverrideForUrl = (sender, url, trust) => url.StartsWith("https://localhost") }; return handler; #elif WINDOWS || MACCATALYST return new HttpClientHandler() { UseCookies = false }; #else throw new PlatformNotSupportedException("Only Android, iOS, MacCatalyst, and Windows supported."); #endif } -
0
Hello, Thanks for the solution. I wonder two things.
- Is the bug related to backend or is it because assigning a xsrf token to header while sending from the maui client? Probably the latter. Cause i replace the AbpAutoValidateAntiforgeryTokenAuthorizationFilter class it always come with xsrf token when i do a post from maui client.
- How can i see the source code of Volo.Abp.Maui.Client package?
Also if i want to intercept the http requests, what is the correct way to do it in Maui Project? Let's say i want to add extra header for specific request. I tried sth like this but this doesn't work.
[Volo.Abp.DependencyInjection.Dependency(ReplaceServices = true)] [ExposeServices(typeof(DynamicHttpProxyInterceptorClientProxy<IIdentityUserAppService>))] public class IdentityUserAppServiceHttpProxyInterceptorClientProxy : DynamicHttpProxyInterceptorClientProxy<IIdentityUserAppService> { protected override void AddHeaders(IReadOnlyDictionary<string, object> argumentsDictionary, ActionApiDescriptionModel action, HttpRequestMessage requestMessage, ApiVersionInfo apiVersion) { base.AddHeaders(argumentsDictionary, action, requestMessage, apiVersion); } protected override Task<HttpContent> RequestAsync(ClientProxyRequestContext requestContext) { return base.RequestAsync(requestContext); } } -
0
Hi,
Is the bug related to backend or is it because assigning a xsrf token to header while sending from the maui client? Probably the latter. Cause i replace the AbpAutoValidateAntiforgeryTokenAuthorizationFilter class it always come with xsrf token when i do a post from maui client.
This is a bug of the
GetInsecureHandlermethod.How can i see the source code of Volo.Abp.Maui.Client package?
You can add DelegatingHandler:
public class MyHttpMessageHandler : DelegatingHandler, ITransientDependency { protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { request.Headers .....; return await base.SendAsync(request, cancellationToken); } } public override void PreConfigureServices(ServiceConfigurationContext context) { PreConfigure<AbpHttpClientBuilderOptions>(options => { options.ProxyClientBuildActions.Add((_, builder) => { builder.AddHttpMessageHandler<MyHttpMessageHandler>(); }); }); }
