Nov 26, 2019 10:52 AM|BeRoots|LINK
Yes. All work nice now. I have just a last question about the ModelState. The doc say:
Web API controllers don't have to check ModelState.IsValid if they have the [ApiController] attribute. In that case, an automatic HTTP 400 response containing
error details is returned when model state is invalid. For more information, see Automatic HTTP 400 responses.
In my case I ask me if I have to validate the posted data to prevent things like a bad fomatting... It's an API controller using [ApiController]. My SPA Application do this but this method is allowed for no logged in users. I just use the antiforgery validation...
is this enough to avoid having to do a second validation of the data?