K2 has protection mechanisms for Cross Site Request Forgery. Under some conditions, you may receive an error in Internet Explorer.
The following error may occur when using Internet Explorer version 11.0.9600.xxxxx. The error is rare but you may encounter it when working with K2 forms in SharePoint.
This error occurs when a form makes a request and the Anti-Cross Site Request Forgery cookie is missing. The request is blocked by the Cross-Site Request Forgery protection mechanism. You may also see this error when you have a form open, you manually clear your browser cache, and then you click a button or perform an action on the form without first refreshing it. Doing this in any browser also causes this error.
To resolve the error, try one or more of the following actions:
Although not recommended due to the added security risk, you can temporarily disable the Anti-XSRF mechanism. Disable the Anti-XSRF mechanism by adding the following configuration in the appSettings node of the SmartForms Runtime web.config file:
<add key="AntiXSRF.Enabled" value="false" />
There is a similar error that is not related to the error above, specifically: No Anti-Cross Site Request Forgery token found in request
The missing token error indicates one of the following conditions:
See the K2 User Guide for information on Implementing CSRF validation for Custom Controls.