Sometimes this error isn’t what you think.
I had dutifully put the “@Html.AntiForgeryToken()” call in the Views, and then attached the “[ValidateAntiForgeryToken]” tag to the right events. On the staging server, all was well, but when I debugged the project locally, I was getting the error.
A change to my web.config was the problem. I had added the following tag:
<httpCookies requireSSL="true" />
The problem was that when debugging locally, my system didn’t use SSL. Removing this tag from the debug build worked.