diff --git a/DeepDrftPublic/Program.cs b/DeepDrftPublic/Program.cs index 8add77d..64f8aa0 100644 --- a/DeepDrftPublic/Program.cs +++ b/DeepDrftPublic/Program.cs @@ -100,6 +100,10 @@ app.Use(async (context, next) => await next(); }); +// StatusCodePages must sit upstream of UseAntiforgery so that re-executed requests +// (e.g. /404) flow through the antiforgery middleware before reaching the endpoint. +app.UseStatusCodePagesWithReExecute("/404", createScopeForStatusCodePages: true); + // Antiforgery is required by Blazor form handling. Authentication / authorization // middleware is intentionally absent — this host is fully anonymous. app.UseAntiforgery(); @@ -144,7 +148,4 @@ app.MapRazorComponents() .AddInteractiveWebAssemblyRenderMode() .AddAdditionalAssemblies(typeof(DeepDrftPublic.Client._Imports).Assembly); -app.UseStatusCodePagesWithReExecute("/404", createScopeForStatusCodePages: true); - - app.Run();