Starts in:
1 DAY
19 HRS
24 MIN
4 SEC
Starts in:
1 D
19 H
24 M
4 S

Activities of "Anjaneyulu"

Hi @Anjaneyulu, I think you don't need to create a manual Anti Forgery Token Middleware. Instead, you can define AbpAntiForgeryOptions to enable auto validation for GET requests.

Configure<AbpAntiForgeryOptions>(options => 
{ 
    //By default only POST requests auto validate anti forgery tokens. 
    //In other word "GET", "HEAD", "TRACE" and "OPTIONS" HTTP methods are ignored. 
     
    options.AutoValidateIgnoredHttpMethods.Remove("GET"); //auto validate for GET requests 
     
}); 
 

See CSRF Anti Forgery documentation for more information

Hi @EngincanV , I have configured as you said

Configure<AbpAntiForgeryOptions>(options => { //By default only POST requests auto validate anti forgery tokens. //In other word "GET", "HEAD", "TRACE" and "OPTIONS" HTTP methods are ignored.

options.AutoValidateIgnoredHttpMethods.Remove("GET"); //auto validate for GET requests });

Im not receving any data in get request. Do i need to add anything else ?

  • ABP Framework version: v5.0.0
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:"
  1. Create a project

  2. Added Validate anitforgery token middleware in .Web project like this

public class ValidateAntiForgeryTokenMiddleware { private readonly RequestDelegate _next; private readonly IAntiforgery _antiforgery;

    public ValidateAntiForgeryTokenMiddleware(RequestDelegate next, IAntiforgery antiforgery)
    {
        _next = next;
        _antiforgery = antiforgery;
    }

    public async Task Invoke(HttpContext context)
    {
        if (HttpMethods.IsPost(context.Request.Method))
        {
           await _antiforgery.ValidateRequestAsync(context);
        }
        else if (HttpMethods.IsPut(context.Request.Method))
        {
            await _antiforgery.ValidateRequestAsync(context);
        }
        await _next(context);
    }
}
public static class ApplicationBuilderExtensions
{
    public static IApplicationBuilder UseAntiforgeryTokens(this IApplicationBuilder app)
    {
        return app.UseMiddleware&lt;ValidateAntiForgeryTokenMiddleware&gt;();
    }
}
  1. Added app.UseAntiforgeryTokens(); webmodule.

  2. Intercept the requests in burpsuite and remove request verification token in repeater, but still the response is perfect.

Please let us know how to implement validate antiforgery token for both post and get requests as well.

  • ABP Framework version: v5.0.1

  • UI type: MVC

  • DB provider: EF Core

  • Tiered (MVC) or Identity Server Separated (Angular): no

  • Exception message and stack trace:

  • Steps to reproduce the issue:"

  • Step 1. We are enqueuing the emails by calling in our code * await _backgroundJobManager.EnqueueAsync(new EmailArgs() { //Object });

But in the below "ExecuteAsync" is being called multiple times in our code.

public class NotificationSendingJob : AsyncBackgroundJob<EmailArgs >, ITransientDependency
{
        
        public NotificationSendingJob()
        {
            
        }
        [UnitOfWork]
        public override Task ExecuteAsync(EmailArgs args)
        {
           
                
                AsyncHelper.RunSync(() => SendNotification(args.TenantId, emailcontent));

                return Task.FromResult(0);
        }
}

We want to restrict it to single time.

hi

We could set the Application Cookie's path as per your reply, we are missing antiforgery token and not able to authenticate. Can you please help us.

hi

Is Emailing\Templates\Templates\*.tpl path correct?

Maybe Emailing\Templates\*.tpl

I have updated the path. Also, tried setting build actions to copy always for embedded resources. But im getting the same issue.

<Project Sdk="Microsoft.NET.Sdk">

<Import Project="....\common.props" />

<PropertyGroup> <TargetFramework>netstandard2.0</TargetFramework> <RootNamespace>Test</RootNamespace> </PropertyGroup>

<ItemGroup> <ProjectReference Include="..\Test.Domain.Shared\Test.Domain.Shared.csproj" /> </ItemGroup>

<ItemGroup> <ProjectReference Include="....\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Shared.Application.Contracts\Volo.Abp.Account.Pro.Shared.Application.Contracts.csproj" /> <PackageReference Include="Volo.Abp.PermissionManagement.Application.Contracts" Version="4.4.2" /> <PackageReference Include="Volo.Abp.FeatureManagement.Application.Contracts" Version="4.4.2" /> <PackageReference Include="Volo.Abp.SettingManagement.Application.Contracts" Version="4.4.2" /> <PackageReference Include="Volo.Saas.Host.Application.Contracts" Version="4.4.2" /> <PackageReference Include="Volo.Abp.AuditLogging.Application.Contracts" Version="4.4.2" /> <ProjectReference Include="....\modules\Volo.Identity.Pro\src\Volo.Abp.Identity.Pro.Application.Contracts\Volo.Abp.Identity.Pro.Application.Contracts.csproj" /> <PackageReference Include="Volo.Abp.IdentityServer.Application.Contracts" Version="4.4.2" /> <ProjectReference Include="....\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Public.Application.Contracts\Volo.Abp.Account.Pro.Public.Application.Contracts.csproj" /> <ProjectReference Include="....\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Admin.Application.Contracts\Volo.Abp.Account.Pro.Admin.Application.Contracts.csproj" /> <PackageReference Include="Volo.Abp.LanguageManagement.Application.Contracts" Version="4.4.2" /> <ProjectReference Include="....\modules\Volo.TextTemplateManagement\src\Volo.Abp.TextTemplateManagement.Application.Contracts\Volo.Abp.TextTemplateManagement.Application.Contracts.csproj" /> <ProjectReference Include="....\modules\Volo.LeptonTheme\src\Volo.Abp.LeptonTheme.Management.Application.Contracts\Volo.Abp.LeptonTheme.Management.Application.Contracts.csproj" /> </ItemGroup>

<ItemGroup> <EmbeddedResource Include="Emailing\Templates*.tpl" /> <None Remove="Emailing\Templates*.tpl" /> </ItemGroup>

</Project>

hi

Can you share the csproj(ApplicationContractModule) file?

<Project Sdk="Microsoft.NET.Sdk">

  <Import Project="..\..\common.props" />

  <PropertyGroup>
    <TargetFramework>netstandard2.0</TargetFramework>
    <RootNamespace>Test</RootNamespace>
  </PropertyGroup>



  <ItemGroup>
    <ProjectReference Include="..\Test.Domain.Shared\Test.Domain.Shared.csproj" />
  </ItemGroup>

  <ItemGroup>
    <ProjectReference Include="..\..\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Shared.Application.Contracts\Volo.Abp.Account.Pro.Shared.Application.Contracts.csproj" />
    <PackageReference Include="Volo.Abp.PermissionManagement.Application.Contracts" Version="4.4.2" />
    <PackageReference Include="Volo.Abp.FeatureManagement.Application.Contracts" Version="4.4.2" />
    <PackageReference Include="Volo.Abp.SettingManagement.Application.Contracts" Version="4.4.2" />
    <PackageReference Include="Volo.Saas.Host.Application.Contracts" Version="4.4.2" />
    <PackageReference Include="Volo.Abp.AuditLogging.Application.Contracts" Version="4.4.2" />
    <ProjectReference Include="..\..\modules\Volo.Identity.Pro\src\Volo.Abp.Identity.Pro.Application.Contracts\Volo.Abp.Identity.Pro.Application.Contracts.csproj" />
    <PackageReference Include="Volo.Abp.IdentityServer.Application.Contracts" Version="4.4.2" />
    <ProjectReference Include="..\..\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Public.Application.Contracts\Volo.Abp.Account.Pro.Public.Application.Contracts.csproj" />
    <ProjectReference Include="..\..\modules\Volo.Account.Pro\src\Volo.Abp.Account.Pro.Admin.Application.Contracts\Volo.Abp.Account.Pro.Admin.Application.Contracts.csproj" />
    <PackageReference Include="Volo.Abp.LanguageManagement.Application.Contracts" Version="4.4.2" />
    <ProjectReference Include="..\..\modules\Volo.TextTemplateManagement\src\Volo.Abp.TextTemplateManagement.Application.Contracts\Volo.Abp.TextTemplateManagement.Application.Contracts.csproj" />
    <ProjectReference Include="..\..\modules\Volo.LeptonTheme\src\Volo.Abp.LeptonTheme.Management.Application.Contracts\Volo.Abp.LeptonTheme.Management.Application.Contracts.csproj" />
  </ItemGroup>

  <ItemGroup>
    <EmbeddedResource Include="Emailing\Templates\Templates\*.tpl" />
    <None Remove="Emailing\Templates\Templates\*.tpl" />
  </ItemGroup>
  
</Project>
  • ABP Framework version: v4.4.2
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace: Volo.Abp.AbpException: Could not find a file/folder at the location: /Emailing/Templates/EmailTemplate.tpl at Volo.Abp.TextTemplating.VirtualFiles.LocalizedTemplateContentReaderFactory.CreateInternalAsync(TemplateDefinition templateDefinition) at Volo.Abp.TextTemplating.VirtualFiles.LocalizedTemplateContentReaderFactory.CreateAsync(TemplateDefinition templateDefinition) at Volo.Abp.TextTemplating.VirtualFiles.VirtualFileTemplateContentContributor.GetOrNullAsync(TemplateContentContributorContext context) at Volo.Abp.TextTemplating.TemplateContentProvider.GetContentOrNullAsync(ITemplateContentContributor[] contributors, TemplateContentContributorContext context) at Volo.Abp.TextTemplating.TemplateContentProvider.GetContentOrNullAsync(TemplateDefinition templateDefinition, String cultureName, Boolean tryDefaults, Boolean useCurrentCultureIfCultureNameIsNull) at Volo.Abp.TextTemplateManagement.TextTemplates.TemplateContentAppService.GetAsync(GetTemplateContentInput input) in D:\Sandbox\FAB_AMS_Latest_Version\modules\Volo.TextTemplateManagement\src\Volo.Abp.TextTemplateManagement.Application\Volo\Abp\TextTemplateManagement\TextTemplates\TemplateContentAppService.cs:line 36 at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous[TResult](IInvocation invocation, IInvocationProceedInfo proceedInfo) at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapterWithReturnValue`1.ProceedAsync()
  • Steps to reproduce the issue:"
    1. Created a Text template as follows for custome code emailing.
  1. Added following code In
    1. ApplicationContractModule.cs public override void ConfigureServices(ServiceConfigurationContext context) { Configure
    2. public class DeviceEmailTemplateDefinitionProvider : TemplateDefinitionProvider { public override void Define(ITemplateDefinitionContext context) { var emailLayoutTemplate = context.GetOrNull(StandardEmailTemplates.Layout); emailLayoutTemplate .WithVirtualFilePath( "/Emailing/Templates/EmailTemplate.tpl", isInlineLocalized: true ); context.Add(emailLayoutTemplate); context.Add( new TemplateDefinition( DeviceEmailTemplates.ReSendOTP, displayName: LocalizableString.Create

hi

You are configure the ApplicationCookie not XSRF and Antiforgery.

Can you explain the reason to change the path?

Hi,

Basically when i hosted the application cookie path is coming as default root path i.e., path='/'.

But i want to set the path to application folder in IIS when hosted.

Can you please help to set that properly.

  • ABP Framework version: v4.4.2
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:" 1. Create a ABP mvc project
  • 2.Set application cookie path to Application folder rather than default root path '/ by
context.Services.ConfigureApplicationCookie(options =>
{
    options.Cookie.Path = "/Arc";
    options.Cookie.SameSite = SameSiteMode.Strict;
    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
    options.Cookie.IsEssential = true;
    options.Cookie.HttpOnly = true;
});
             

3.. Go to developer tools in the browser and check the path. It is still set to default.

  • ABP Framework version: v3.2.0
  • UI type: MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): No
  • Exception message and stack trace:Could not load file or assembly 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Commercial, Version=3.2.0.0, Culture=neutral, PublicKeyToken=null'. The located assembly's manifest definition does not match the assembly reference. (0x80131040) File name: 'Volo.Abp.AspNetCore.Mvc.UI.Theme.Commercial, Version=3.2.0.0, Culture=neutral, PublicKeyToken=null' at System.Reflection.CustomAttribute._CreateCaObject(RuntimeModule pModule, RuntimeType type, IRuntimeMethodInfo pCtor, Byte** ppBlob, Byte* pEndBlob, Int32* pcNamedArgs) at System.Reflection.CustomAttribute.CreateCaObject(RuntimeModule module, RuntimeType type, IRuntimeMethodInfo ctor, IntPtr& blob, IntPtr blobEnd, Int32& namedArgs) at System.Reflection.CustomAttribute.AddCustomAttributes(ListBuilder1& attributes, RuntimeModule decoratedModule, Int32 decoratedMetadataToken, RuntimeType attributeFilterType, Boolean mustBeInheritable, ListBuilder1 derivedAttributes) at System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeType type, RuntimeType caType, Boolean inherit) at System.Attribute.GetCustomAttributes(MemberInfo element, Boolean inherit)
  • Steps to reproduce the issue:" 1.Replaced the nuget package with source code
  • 2.Rebuid the solution
  • 3.Try to run the application.
Showing 41 to 50 of 50 entries
Made with ❤️ on ABP v9.1.0-preview. Updated on November 20, 2024, 13:06