Microsoft.AspNetCore.Antiforgery was not found

install microsoft aspnetcore antiforgery
nuget microsoft aspnetcore antiforgery
install microsoft aspnetcore antiforgery 2.2 0
antiforgery not found
aspnetcore antiforgery missing
an assembly specified in the application dependencies manifest was not found
razor engine .net core
invalidoperationexception cannot find reference assembly microsoft aspnetcore antiforgery dll

I'm deploying a asp.net core 2.0 website to IIS 10.

I've made sure that my app is using the correct configuration for ISS in the program.settings file.

public class Program
{
    public static void Main(string[] args)
    {
        BuildWebHost(args).Run();
    }

    public static IWebHost BuildWebHost(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
            .UseKestrel()
            .UseContentRoot(Directory.GetCurrentDirectory())
            .UseIISIntegration()
            .UseStartup<Startup>()
            .Build();
}

And in my startup.cs file:

    public void ConfigureServices(IServiceCollection services)
    {
        services.Configure<IISOptions>(options =>
        {
        });
        services.AddMvc();
    }

Yet when I run dotnet website.dll from the command line I get the below error message shown in the command line window:

An assembly specified in the application dependencies manifest (website.deps.json) was not found: package: 'Microsoft.AspNetCore.Antiforgery', version: '2.0.1' path: 'lib/netstandard2.0/Microsoft.AspNetCore.Antiforgery.dll' This assembly was expected to be in the local runtime store as the application was published using the following target manifest files: aspnetcore-store-2.0.3.xml

Based off the error message, i'm guessing Microsoft.AspNetCore.Antiforgery isn't being bundled when I publish since I do not receive this error when debugging.

How can I ensure that my app can find Microsoft.AspNetCore.Antiforgery when published to a live environment?

EDIT: This is a basic .net core website. No changes have been made to the standard project at this time apart from the above changes for deployment with IIS.

When I run the project from IIS instead of the command line I get a 502.5 error message.

I was able to fix this issue by updating the .net core runtime on the server to v2.0.3.

This issue occurs if

  1. You have an existing server running v2.0.0 of the .net core runtime.
  2. You create an app targeting v2.0.3 of the SDK
  3. You publish the v2.0.3 app to a server running v2.0.0

The issue can be resolved by installing v2.0.3 of the runtime on the server. You can download the runtime from the microsoft site here https://www.microsoft.com/net/download/windows

HTTP Error 502.5, UI.deps.json) was not found: package: 'Microsoft.AspNetCore.Antiforgery', version: '2.0.1' path: 'lib/netstandard2.0/Microsoft.AspNetCore. Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery:Error: An exception was thrown while deserializing the token. Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The key {8689ba02-7f31-4d3f-8e2a-330dcfb2e72b} was not found in the key ring.

If you are actually using this library, make sure that your *.csproj file has the corresponding explicit reference:

<PackageReference Include="Microsoft.AspNetCore.Antiforgery" Version="..." />

Then, play with the PublishWithAspNetCoreTargetManifest property to resolve the aforementioned issue with a mismatched manifest. Check out the following threads to learn more about possible issues while its deployment:

An assembly specified in the application dependencies manifest (RhWeb.deps.json) was not found

published application is missing assembly (missing runtime store associated ...) [2.0.0-preview2-005905]

HTTP Error 502.5 - Microsoft.AspNetCore.Antiforgery.dll

Cannot find reference assembly 'Microsoft.AspNetCore , Antiforgery.dll' while using a FileProviders in net core 3 #14418 using the fileprovider i get the following error, this was working fine in 2.1. Asynchronously returns a value indicating whether the request passes antiforgery validation. If the request uses a safe HTTP method (GET, HEAD, OPTIONS, TRACE), the antiforgery token is not validated. SetCookieTokenAndHeader(HttpContext) Generates and stores an antiforgery cookie token if one is not available or not valid.

I had this issue - simple workaround, actually install the NuGet package (I wasn't using it).

Microsoft.AspNetCore.Antiforgery

Published, deployed - fixed the issue.

In another case, when I published the project, a lot of the dlls weren't being placed in the publish folder - including Antiforgery. The below appears to force publishing to add all the required dlls.

Edit your projectname.json file to ensure PropertyGroup contains PublishWithAspNetCoreTargetManifest = false:

<PropertyGroup>
    <TargetFramework>netcoreapp2.0</TargetFramework>
    <PublishWithAspNetCoreTargetManifest>false</PublishWithAspNetCoreTargetManifest>
</PropertyGroup>

Interested to know why the above works?!

Cannot find reference assembly 'Microsoft.AspNetCore.Antiforgery , I'm not clear on why it is looking for Microsoft.AspNetCore.Antiforgery.dll but adding Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation  Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The key {e8076ac1-2efa-4891-a851-78f3d9ca5710} was not found in the key ring.

This also problem happens if Antiforgery is called but Antiforgery is not installed.

Can be fixed by installing Microsoft.AspNetCore.Antiforgery by Nuget package manager.

Microsoft.AspNetCore.Antiforgery 2.2.0, An antiforgery system for ASP.NET Core designed to generate and validate tokens to prevent Cross-Site Request Forgery attacks. Microsoft.AspNetCore.Antiforgery. Published, deployed - fixed the issue. In another case, when I published the project, a lot of the dlls weren't being placed in the publish folder - including Antiforgery. The below appears to force publishing to add all the required dlls.

I fixed this issue on my inhouse windowsserver with this solution * go to netcore https://github.com/dotnet/core/tree/master/release-notes * go to the lastest version of the core runtime 2.? * download DotNetCore.2.0.6-WindowsHosting.exe in my case https://github.com/dotnet/core/blob/master/release-notes/download-archives/2.0.6-download.md#net-core-runtime-only-installation

Install this on server and the error was solved for me. Hope this helps anyone.

Getting “This assembly was expected to be in the local runtime , (xxxService.xxx.deps.json) was not found: 2018-05-08T11:33:28.856176478Z package: 'Microsoft.AspNetCore.Antiforgery', version: '2.0.3'. paket add Microsoft.AspNetCore.Antiforgery --version 2.2.0 The NuGet Team does not provide support for this client. Please contact its maintainers for support.

AntiforgeryOptions Class (Microsoft.AspNetCore.Antiforgery , Provides programmatic configuration for the antiforgery token system. If this setting is 'true', the X-Frame-Options header will not be generated for the response  An assembly specified in the application dependencies manifest (…) was not found. I upgraded Microsoft.AspNetCore from 2.0.3 to 2.0.5 and my WebAPI project, although running successfully locally, fails to start in production (IIS). Everything was fine in production until this upgrade.

Breaking changes, version 2.2 to 3.1, ASP.NET Core 3.1 has been updated to implement the new No compatibility issues have been reported on older versions of Firefox. Obsolete Antiforgery, CORS, Diagnostics, MVC, and Routing APIs removed The old AddAuthorization methods still exist, but are in the Microsoft. Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery An exception was thrown while deserializing the token. Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The antiforgery token could not be decrypted. ---> System.Security.Cryptography.CryptographicException: The key {xxxxx} was not found in the key ring.

Error message assembly specified the application dependencies , the application dependencies manifest (AspCore2_01.deps.json) was not found: package: 'Microsoft.AspNetCore.Antiforgery', version: '2.0.2'. Yesterday I had some trouble to get my docker build up and running. However after I succeeded and tried to run my container using docker-com

Comments
  • Try dotnet restore. If this not help use temporary solution and just copy this *.dll from local to deploy
  • As @J.Doe mentioned, try a dotnet restore. Would you also mind sharing your csproj?
  • If you publish in Windows (other somewhere other than your server) and run in Linux, then make sure both .Net SDK's version are the same or compatible. You can check their versions with dotnet --info or dotnet --version.
  • Alternatively, you can revert to an earlier .NET Core Nuget package. I had to install 2.0.0 because the Pivotal Cloud Foundry buildpack I was pushing to was at 2.0.0 and my build was using 2.0.3.
  • There is a "ASP.NET Core Runtime" and a ".NET Core Runtime". Only the ASP version solved the issue for me (v2.0.7 worked). Also, on the download page you first have to click the "Run apps" button, to access these downloads.
  • In my case I needed to change the base image in Dockerfile from aspnetcore:2.0 to aspnetcore:2.0.8 because I was referencing Microsoft.AspNetCore.All 2.0.8 which required Microsoft.AspNetCore.Antiforgery >= 2.0.3.
  • Adding the PublishWithAspNetCoreTargetManifest property with value false appears to work for me. i did notice the additional files included with a publish. It appears it makes the application wholly self-contained?
  • Thanks! Made simple the dependency nightmare I got myself in with different projects using different versions of dotnet on an old VPS.