Activities of "Protica"

Hello,

API configuration in environment.prod.ts file should not have HTTP or HTTPS. Can you check?

I think your config should be like below

export const environment = { 
  production: true, 
  // other config 
  apis: { 
    default: { 
      url: '', 
    } 
  } 
} as Environment; 
 

That was causing the issue!. I had the https baseUrl in there. Once removed it now also includes the RequestVerificationToken header.

All my problems seems to be solved, thanks!

I am not sure if this disabling AutoValidate is really safe when releasing to production? but for now it works. It seems like there is a problem with the X-CSRF token?

Hi, as you mentioned it's not good to disable the auto anti-forgery token system. Did you change the header name from the AntiforgeryOptions?

Please read the Angular UI section of XSRF documentation to learn more.

No I haven't changed any headers .We haven't changed anything at all on the Angular side. All I changed was the baseUrl in environment.prod.ts and I removed the getEnvConfig part in that file.

From what I understand from the documentation, the Angular app should add a Request header called RequestVerificationToken? I don't see this request header.

I do have a cookie that contains the XCSRF token:

Is there anything I can check in the Angular code to make sure the relevant parts are there?

Hi,

I am publishing to an Azure App Service. I don't think I have control over WebDav?

But I have managed to resolve the issue by adding the following code:

        Configure<AbpAntiForgeryOptions>(options =>
        {
            options.AutoValidate = false;
        });

So I basically have everything working.

I am not sure if this disabling AutoValidate is really safe when releasing to production? but for now it works. It seems like there is a problem with the X-CSRF token?

Any advice on this?

Hi, thanks for your response. Could you please elaborate on what this is needed for? I updated my web.config file, but I don't really see any different behavior.

I also have rewrite rules in my web.config. Do I have to leave that in? Or should it all work without rewrite rules when I use your snippet? Sorry, I'm not sure what it does.


But I would like to give an update on my side as well. It looks like I'm almost there. There is just one thing that isn't working. But first I will show what I changed in a regards to what I specified in my first post.

Like you said earlier, I removed the getEnvConfig from the environment file in Angular as this was only causing issues.

I also added a few rewrite rules to my web.config. This is the complete list of rewrite rules that I have.

Another important thing I had to add was the following line inside the OnApplicationInitialization method:

app.UseDefaultFiles();

Placed that line directly above app.UseStaticFiles();

So far so good. When I deploy to Azure it all seems to work. The page loads, I can login etc.

But when I try to change a setting through the Administration menu, then I always get a 400 Bad Request error.

For some reason POST and PUT calls result in a 400 Bad Request error. I also get this error on screen:

An error has occurred! Http failure response for https://my-azure-site.azurewebsites.net/api/identity/settings: 0 Unknown Error

All the GET requests are working fine. Any idea why it fails when doing POST / PUT requests?

Hello,

getEnvConfig API request is related to RemoteEnvironment. You could remove the configuration if you didn't use it.

I could remove the configuration. But the problem still remains that for some reason it doesn't recognize the Angular routes.

I played around with removing the base href="/" from index.html. And played around with the rewrite configuration. But then I bump into some other issues.

There should be a way to make this work without too much hassle, But it's harder than you would expect for some reason.

So basically, a production build of the Angular application. Put that inside the wwwroot of the backend API. Can't figure out where I'm going wrong.

Showing 1 to 5 of 5 entries
Made with ❤️ on ABP v9.2.0-preview. Updated on January 14, 2025, 14:54