search

JasperFx / alba

Easy integration testing for ASP.NET Core applications
https://jasperfx.github.io/alba
Apache License 2.0
405 stars 39 forks source link

How to setup properly X-XSRF-TOKEN header for ValidateAntiForgeryToken? #106

Closed AdaskoTheBeAsT closed 2 years ago

AdaskoTheBeAsT commented 2 years ago

for now I tried to do some preflight to "get" endpoint and extract value from cookie

var setCookieHeaderValues = result.Context.Response.GetTypedHeaders().SetCookie;
        var xsrfTokenCookie = setCookieHeaderValues.First(v => v.Name.Equals(XsrfCookieName, StringComparison.OrdinalIgnoreCase));
        XsrfTokenValue = xsrfTokenCookie.Value.Value;

and then use XsrfTokenValue

    _.WithRequestHeader(XsrfHeaderName, XsrfTokenValue ?? string.Empty);
    _.Post.Json(request).ToUrl("/api/<some endpoint>");

for now I receive 400 not sure if I missed something (without ValidateAntiForgeryToken attribute it works so it is only problem with antiforgery)

Do you have any tips?

AdaskoTheBeAsT commented 2 years ago

ok found it - I need to also save whole cookie and add it in request