This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 49%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Hi,
I am trying to upload the file to federated SharePoint server. I have got the rtFa and FedAuthcookies & requestDigest and I am able to successfully authenticate. But while uploading the file to SharePoint I am getting the below error,
"<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-2130575251, System.Runtime.InteropServices.COMException</m:code><m:message xml:lang="en-US">The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.</m:message></m:error>"
My sharepoint link : https://<name>.sharepoint.com/teams/SharePointTest2/Shared%20Documents/Forms/AllItems.aspx
I am using libcurl to post the request.
*int main()
{
CURL *c = curl_easy_init();
struct curl_slist list = NULL;
struct response res;
init_response(&res);
list = curl_slist_append(list, "Content-Type:text/plain");
list = curl_slist_append(list, "X-RequestDigest:value");
list = curl_slist_append(list, "Cookie:rtFa=value;FedAuth=value");
curl_easy_setopt(c, CURLOPT_HTTPHEADER, list);
curl_easy_setopt(c, CURLOPT_URL,"https://<name>.sharepoint.com/teams/SharePointTest2/_api/web/GetFolderByServerRelativeUrl('/Shared%20Documents')/Files/Add(url='DSsanjay.txt',%20overwrite=true)");
curl_easy_setopt(c, CURLOPT_POSTFIELDS, "THis is file data.. Writing...");
curl_easy_setopt(c, CURLOPT_WRITEFUNCTION, writefunc);
curl_easy_setopt(c, CURLOPT_WRITEDATA,&res);
curl_easy_setopt(c, CURLOPT_VERBOSE, 1L);
curl_easy_perform(c);
}
output:
*> POST /teams/SharePointTest2/_api/web/GetFolderByServerRelativeUrl('/Shared%20Documents')/Files/Add(url='DSsanjay.txt',%20overwrite=true) HTTP/2
Host: <name>.sharepoint.com
accept: /
content-type:text/plain
x-requestdigest:value
cookie:rtFa=value;FedAuth=value
content-length: 30
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
* We are completely uploaded and fine
< HTTP/2 403
< cache-control: private, max-age=0
< content-type: application/xml;charset=utf-8
< expires: Thu, 04 Feb 2021 09:37:01 GMT
< last-modified: Fri, 19 Feb 2021 09:37:01 GMT
< vary: Origin
< server: Microsoft-IIS/10.0
< set-cookie: rtFa=value; path=/; secure; HttpOnly
< set-cookie: FedAuth=value; path=/; secure; HttpOnly
< x-sharepointhealthscore: 1
< dataserviceversion: 3.0
< x-aspnet-version: 4.0.30319
< sprequestguid: 32tetc9f-f0cd-b000-de6a-c7515b894761
< request-id: 32tetc9f-f0cd-b000-de6a-c7515b894761
< ms-cv: n6y9Ms3tALDeasdRW4lHYQ.0
< x-requestdigest: value
< strict-transport-security: max-age=31536000
< x-frame-options: SAMEORIGIN
< content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.stream.azure-test.net *.microsoftstream.com;
< x-powered-by: ASP.NET
< microsoftsharepointteamservices: 16.0.0.21003
< x-content-type-options: nosniff
< x-ms-invokeapp: 1; RequireReadOnly
< p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
< date: Fri, 19 Feb 2021 09:37:01 GMT
<
* Connection #0 to host <name>.sharepoint.com left intact
Output = <?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-2130575251, System.Runtime.InteropServices.COMException</m:code><m:message xml:lang="en-US">The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.</m:message></m:error>*
Am I doing something wrong here?
Please help me out.
Regards,
Sanjay
Hi @Sanjay Kumar R ,
The error "The security validation for this page is invalid" is because of the invalid request digest value.
If the site url is "https://<name>.sharepoint.com/teams/SharePointTest2" in this question, then the request url to get digest value should be :
POST https://<name>.sharepoint.com/teams/SharePointTest2/_api/contextinfo
Headers: rtfa
FedAuth
You can test the request in Postman as the blog specified, then use the request digest value in your curl code snippet, please refer:
SharePoint Online remote authentication (and Doc upload)
Thanks
Best Regards
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.