Open Closed

ERR_TOO_MANY_REDIRECTS and Antiforgery Token Validation Failed #8890


User avatar
0
hanntd created
  • ABP Framework version: v8.3

  • UI Type: Blazor WASM

  • Database System: EF Core (PostgreSQL)

  • Tiered (for MVC) or Auth Server Separated (for Angular): no

  • Exception message and full stack trace: Please check the link of Logs

  • Steps to reproduce the issue:

  1. My application are using Blazor Web App Template

  2. I built application into docker image and push into docker server to run the container. The application is accessed from external through the nginx proxy on the same host machine of docker.

  3. I have two environments for dev and test and deployed to the same docker server:

    1. Dev:

      1. url: abc-dev.hqsoft.vn

      2. map port: 5001:8080

    2. Test:

      1. url: abc-test.hqsoft.vn

      2. map port: 5002:8080

  4. Everything are deployed ok and the application running properly but just for some initial minutes then having error with POST/PUT, it still run ok with GET, mean I still open any forms in my application to view data but every time I submit data for changing it throw the error. If I clear browser data (cache, cookies, data...) it will run ok but just for some minutes then error again.

    1. Browser console error: ERR_TOO_MANY_REDIRECTS

    2. Logs error: Antiforgery Token Validation Failed
      Please check the detail Logs, Dockerfile and Nginx Configuration as in the link: https://drive.google.com/drive/folders/1U0K0DjNKMB2g6BFfErLo2FSVIKLi9w0y?usp=sharing


8 Answer(s)
  • User Avatar
    0
    EngincanV created
    Support Team .NET Developer

    Hi, I guess your deployed application uses HTTP instead of HTTPS right? It seems related to https://abp.io/qa/questions/4603/3a09a7dc-d4bf-0b46-862a-cb116f0bf123

    I will wait for confirmation from you and then investigate deeply if it does not work for you.

    Best regards.

  • User Avatar
    0
    hanntd created

    Hi,
    Because I deployed through docker container so in docker I just exposed http 8080, but in nginx proxy i already configure for https and forward it to docker container.
    If I expose both http and https on docker container when application will throw error of ssl.
    Thanks,
    Dharma

  • User Avatar
    0
    hanntd created

    Hi,
    I have tried to added following code as you recommended but still the same error. If I deploy directly on nginx service it doesn't has this error.
    Configure<AbpAntiForgeryOptions>(options =>
    {
    options.TokenCookie.SecurePolicy = CookieSecurePolicy.None;
    });

    thanks,
    Dharma

  • User Avatar
    0
    EngincanV created
    Support Team .NET Developer

    Hi,
    I have tried to added following code as you recommended but still the same error. If I deploy directly on nginx service it doesn't has this error.
    Configure<AbpAntiForgeryOptions>(options =>
    {
    options.TokenCookie.SecurePolicy = CookieSecurePolicy.None;
    });

    thanks,
    Dharma

    Hi, thanks for the prompt answer. I will check and write you back asap.

  • User Avatar
    0
    hanntd created

    Just want to provide you more information of the cookie of both site with the same source code but deployed in two different models, error site on docker and good site is directly on nginx:
    Here is the cookie of the error site hosted on docker:
    image.png

    Here is the cookie of running ok site hosted directly on nginx:
    image.png

  • User Avatar
    0
    EngincanV created
    Support Team .NET Developer

    Hi, can you try the following configuration and let me know if it works for you?

    Configure<AbpAntiForgeryOptions>(options =>
    {
        options.TokenCookie.SecurePolicy = CookieSecurePolicy.Always;
    });
    
  • User Avatar
    0
    hanntd created

    Thank you EngincanV so much, the configuration as you suggested "options.TokenCookie.SecurePolicy = CookieSecurePolicy.Always;" already help me fixed the issue.
    Thanks,
    Dharma

  • User Avatar
    0
    EngincanV created
    Support Team .NET Developer

    Thank you EngincanV so much, the configuration as you suggested "options.TokenCookie.SecurePolicy = CookieSecurePolicy.Always;" already help me fixed the issue.
    Thanks,
    Dharma

    Great to hear that!

Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
Do you need assistance from an ABP expert?
Schedule a Meeting
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v9.2.0-preview. Updated on March 13, 2025, 04:08