So I created a script which will post a form when a button is clicked. The form is for logging off the user.

$scope.logout = function ($event) {

    var url = 'Account/LogOff';
    var tokenClone = $('input[name="__RequestVerificationToken"]').clone();

    $('<form data-logout="true" action="' + logoutUrl + '" method="post"></form>').appendTo('body');
    $(tokenClone).appendTo('form[data-logout="true"]');
    $('form[data-logout="true"]').submit();
};

This is the controller:

[HttpPost]
[ValidateForm()]
public ActionResult LogOff()
{
    WebSecurity.Logout();
    Roles.DeleteCookie();
    ValidationTokenHelper.RemoveAuthCookie();

    TempData["Success"] = "You have been logged out.";

    return RedirectToAction("Login", "Account");
}

It was fine on debug mode, but on release mode it is not. This is so weird. The form post was actually searching for GET action not POST.

0 Answers