File Compression in Azure Front Door breaks log in

Jon

Vote:

Hi -

We've recently enabled file compression settings in Azure Front Door. The resources I've checked (.css, .js) are compressed correctly but we also find that's it's no longer possible to log in. It's possible to navigate to the login page, and enter your credentials, but when you click 'Log In' our custom error page is shown with the following error logged (below). The .EPiServerLogin cookie is not created either.

ERROR EPiServer.Global - Unhandled exception in ASP.NET
System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.InvalidOperationException: This request has probably been tampered with. Close the browser and try again.
   at EPiServer.Framework.Web.AspNetAntiForgery.ThrowForgeryException()
   at EPiServer.Framework.Web.AspNetAntiForgery.ValidateField()
   at EPiServer.Web.PageExtensions.AntiForgeryValidation.PreInit(Object sender, EventArgs e)

Has anyone encountered a similar problem or able to suggest what might be causing the issue?

Thanks,

#252259

Mar 31, 2021 14:59

Paul Gruffydd

Vote:

Hi,

I think there are a few potential causes here. If the issue only occurred when you enabled content compression then I think the most likely cause might be caching as, in order to enable compression, you need to enable caching. If the login page is being cached, so will the anti-forgery token included within it which would cause the error you're getting on submission of the login form. If this is the issue, you'll need to prevent the login page (and probably several others) from being cached either by sending the appropriate cache-control headers or by setting up a different route in Azure Front Door which doesn't have caching/compression enabled.

#252373

Apr 01, 2021 11:00

Try our conversational search powered by Generative AI!

File Compression in Azure Front Door breaks log in