Problems implementing ValidatingAntiForgeryToken attribute for Web API with MVC 4 RC
You could try reading from the headers: var headers = actionContext.Request.Headers; var cookie = headers .GetCookies() .Select(c => c[AntiForgeryConfig.CookieName]) .FirstOrDefault(); var rvt = headers.GetValues(“__RequestVerificationToken”).FirstOrDefault(); AntiForgery.Validate(cookie != null ? cookie.Value : null, rvt); Note: GetCookies is an extension method that exists in the class HttpRequestHeadersExtensions which is part of System.Net.Http.Formatting.dll. It will most likely exist in … Read more