ASP.NET MVC Post for @Url.action()

asp.net asp.net-mvc html-helper
29,298

Solution 1

How would I go about "logging off" ?

By using a form instead of an anchor:

<li>
    @using (Html.BeginForm("LogOff", "Account"))
    {
        @Html.AntiForgeryToken()
        <button type="submit">Logout</button>
    }
</li>

You could call the CSS wizards to style this button look like an anchor if you want. But the semantically correct element in this case is an html form which allows you to send a POST verb.

Solution 2

There is no compelling reason for this to be an HttpPost. I know it's generated that way, but you're not actually POSTing any data. Just remove the attribute and it will work as is.

Now, if you want it to work with the HttpPost then you'll need to wrap this in a Form and make it a submit button or submit the form onclick.

<li>
    @using (Html.BeginForm("LogOff", "Account",
        FormMethod.Post, new { id = "LogOffForm" }))
    {
        @Html.AntiForgeryToken()
        <a href="@Url.Action("LogOff", "Account")"
            onclick="$('#LogOffForm').submit();">Logout</a>
    }
</li>

Solution 3

You are right that it has to do with [HttpPost] attribute, which only allow for HTTP POST requests to be made. Regular HTML anchors trigger HTTP GET requests, therefor your example does not work.

One solution would be something like this:

@using (Html.BeginForm("LogOff", "Account", FormMethod.Post, 
          new { id = "logoutForm" })) {
    @Html.AntiForgeryToken()
    <button type="submit">Log off</button>
}

I believe this is close to what the default template does in MVC4.

Notice how we also pass along the anti forgery token, required by the [ValidateAntiForgeryToken] attribute.

Share:
29,298
Zapnologica
Author by

Zapnologica

I am an enthusiastic developer indulging in the world of programming. in love with C# .net

Updated on May 15, 2020

Comments

  • Zapnologica
    Zapnologica about 4 years

    I have the following controller auto-generated by asp.net

        //
    // POST: /Account/LogOff
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult LogOff()
    {
        AuthenticationManager.SignOut();
        return RedirectToAction("Index", "Home");
    }

    Now I have a log off button. Currently it looks like this:

       <div class="userdrop">
                <ul>
                    <li><a href="@Url.Action("Manage", "Account")">Profile</a></li>                       
                    <li><a href="@Url.Action("LogOff", "Account")">Logout</a></li>
                </ul>
            </div><!--userdrop-->

    But it does not work and I am guessing it is cause it is a Post action method.

    How would I go about "logging off" ?

    [EDIT]

    Why is it auto-generated as an Http Post? Is it more secure that way? Does it not send the cookie with it when it logs out?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Asp.Net Mvc Checkbox list
Html.RenderPartial call from masterpage
Get Model associated with corresponding View in HtmlHelper
Html.dropdownlist with static content
How to add static list of items in MVC Html.DropDownList()
Html.EditorFor<> equivalent for viewing read-only data?
Difference between Html.RenderAction and Html.Action
Get DisplayName Attribute without using LabelFor Helper in asp.net MVC
html helper takes a dictionary<string,object>, how to use this parameter?
System.Web.HttpContext.Current.get returned null in asp.net mvc controller