I'm trying to secure my ajax posts using the anti-forgery mechanism.
First I've added the antiforgerytoken helper method call to my view
@Html.AntiForgeryToken()
and then adjusted my jquery post call
var values = $(this).serialize() + "&__RequestVerificationToken=" + $("input[name='__RequestVerificationToken']").val();
$.post(url, values)
.success(page.submitSuccess)
.error(page.submitError)
.complete(page.submitComplete);
and of course I decorated my action method with the ValidateAntiForgeryToken
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Create(ProjectCreateCommand command)
{
....
}
but after submiting the form it throws the A required anti-forgery token was not supplied or was invalid error.
I've deleted the token cookie and also I've restarted the browser.
Am I missing something ?