How to catch ValidateAntiForgeryToken throw exception
前言
在 IActionResult 上方加 [ValidateAntiForgeryToken]
後想要客製回傳錯誤訊息,發現沒辦法用 catch 來處理 🙄
參考文章:GitHub aspnetcore issues、GitHub aspnet MVC、Filters
解決方式
從 GitHub aspnetcore issues 得知 AntiforgeryValidationException
will get converted into a error 400 somewhere in the Antiforgery Filter chain.
參考 GitHub aspnet MVC 寫法在修改一下就能完成
完整程式碼
// Service/Filters/BadRequestObjectResultAntiforgeryValidationFailedResultFilter.cs
public class BadRequestObjectResultAntiforgeryValidationFailedResultFilter : IAlwaysRunResultFilter
{
public void OnResultExecuting(ResultExecutingContext context)
{
if (context.Result is IAntiforgeryValidationFailedResult)
{
context.Result = new BadRequestObjectResult(new ErrorResponse() { Message = "【網頁閒置過久】請重新整理頁面" });
}
}
public void OnResultExecuted(ResultExecutedContext context) {}
}
// Models/ErrorResponse.cs
public class ErrorResponse
{
public string Message { get; set; }
}
// Controllers/HomeController.cs
public class HomeController : Controller
{
...
[HttpPost]
[ValidateAntiForgeryToken]
[TypeFilter(typeof(BadRequestObjectResultAntiforgeryValidationFailedResultFilter))]
public IActionResult Index(IFormFile inputFile, IFormCollection formCollection)
{
...
}
}