security - Is the anti-forgery token for logout necessary? -


for site pages, after being logged in few minutes, following error when attempt log out:

the anti-forgery cookie token , form field token not match.

i read in this link ways track exception down, since exception appears on logout, wonder if might easier exclude anti-forgery-token logout form altogether. idea?

i using template login page auto-generated new mvc projects.

thanks!

it advisable add token logout form, otherwise can create page posts logout page, logging out users, annoying.


Comments

Post a Comment

Popular posts from this blog

c++ - End of file on pipe magic during open -

i have c++ application in starting process(wireshark) following. if (fp == null){ fp = popen(processpath, "r"); //processpath process want start if (!fp){ throw std::invalid_argument("cannot start process"); } fprintf(fp, d_msg);//d_msg input want provide process } else if(fp != null){ fprintf(fp, d_msg); } the problem when execute c++ application, start wireshark error end of file on pipe magic during open what should avoid that? also tried using mkfifo create named pipe , execute it. used this: if (fp == null){ system("mkfifo /tmp/mine.pcap"); fp = popen("wireshark -k -i /tmp/mine.pcap", "r"); if (!fp){ dout << "cannot start wireshark"<<std::endl; throw std::invalid_argument("cannot start wireshark"); } input = fopen("/tmp/mine.pcap", "wb"); fprintf(input , d_msg); fclose(input)...
Read more

basic authentication with http post params android -

i doing basic authentication passing username , password , using basicnamevaluepair sending post params response service. my method: public stringbuilder callservicehttppost(string username, string password, string type) { // create new httpclient , post header httpclient httpclient = new defaulthttpclient(); httppost httppost = new httppost(webservice + type); httpresponse response = null; stringbuilder total = new stringbuilder(); try { url url = new url(webservice + type); /*string base64encodedcredentials = base64.encodetostring((username + ":" + password).getbytes(), base64.url_safe | base64.no_wrap);*/ string base64encodedcredentials = "basic " + base64.encodetostring( (username + ":" + password).getbytes(), base64.no_wrap); httppost.setheader("auth...
Read more

data.table making a copy of table in R -

i doing this: myfun <- function(inputvar_vec){ # inputvar_vec input vector # # result = output vector return(result) } dt[, result := lapply(.sd, myfun), = byvar, .sdcols = inputvar] i getting following warning: warning message: `in `[.data.table`(df1, , `:=`(prop, lapply(.sd, propeventinlastk)), : invalid .internal.selfref detected , fixed taking copy of whole table, := can add new column reference. @ earlier point, data.table has been copied r (or been created manually using structure() or similar). (and more stuff) .... ` my guess because stacking result vectors (after operation), copy being made? can suggest method remove warning? have done using apply functions , thought should extendable here too. my other question is: can pass chunk of rows data frame (subsetted using statement), , call function myfun operate on that? adding example requested # generate data n = 10000 default=na value = 1 df = data.table(id = sample(1:5000, n, replace=true), ...
Read more