From d8d908d4a65132231c11b7b95a7f363e31486f74 Mon Sep 17 00:00:00 2001 From: daniel-c-harvey Date: Tue, 16 Jun 2026 18:43:56 -0400 Subject: [PATCH] fix(public): move UseStatusCodePagesWithReExecute before UseAntiforgery to fix 404 re-execution antiforgery error --- DeepDrftPublic/Program.cs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/DeepDrftPublic/Program.cs b/DeepDrftPublic/Program.cs index 8add77d..64f8aa0 100644 --- a/DeepDrftPublic/Program.cs +++ b/DeepDrftPublic/Program.cs @@ -100,6 +100,10 @@ app.Use(async (context, next) => await next(); }); +// StatusCodePages must sit upstream of UseAntiforgery so that re-executed requests +// (e.g. /404) flow through the antiforgery middleware before reaching the endpoint. +app.UseStatusCodePagesWithReExecute("/404", createScopeForStatusCodePages: true); + // Antiforgery is required by Blazor form handling. Authentication / authorization // middleware is intentionally absent — this host is fully anonymous. app.UseAntiforgery(); @@ -144,7 +148,4 @@ app.MapRazorComponents() .AddInteractiveWebAssemblyRenderMode() .AddAdditionalAssemblies(typeof(DeepDrftPublic.Client._Imports).Assembly); -app.UseStatusCodePagesWithReExecute("/404", createScopeForStatusCodePages: true); - - app.Run();