diff --git a/framework/src/Volo.Abp.AspNetCore.Components.WebAssembly/Volo/Abp/AspNetCore/Components/WebAssembly/AbpBlazorClientHttpMessageHandler.cs b/framework/src/Volo.Abp.AspNetCore.Components.WebAssembly/Volo/Abp/AspNetCore/Components/WebAssembly/AbpBlazorClientHttpMessageHandler.cs
index 1b5c5893d5..e498855959 100644
--- a/framework/src/Volo.Abp.AspNetCore.Components.WebAssembly/Volo/Abp/AspNetCore/Components/WebAssembly/AbpBlazorClientHttpMessageHandler.cs
+++ b/framework/src/Volo.Abp.AspNetCore.Components.WebAssembly/Volo/Abp/AspNetCore/Components/WebAssembly/AbpBlazorClientHttpMessageHandler.cs
@@ -3,6 +3,7 @@ using System.Net.Http;
 using System.Net.Http.Headers;
 using System.Threading;
 using System.Threading.Tasks;
+using Microsoft.Extensions.Configuration;
 using Microsoft.JSInterop;
 using Volo.Abp.DependencyInjection;
 
@@ -12,14 +13,28 @@ namespace Volo.Abp.AspNetCore.Components.WebAssembly
     {
         private readonly IJSRuntime _jsRuntime;
 
-        public AbpBlazorClientHttpMessageHandler(IJSRuntime jsRuntime)
+        private readonly ICookieService _cookieService;
+
+        private readonly IConfiguration _configuration;
+
+        private const string AntiForgeryCookieName = "XSRF-TOKEN";
+
+        private const string AntiForgeryHeaderName = "RequestVerificationToken";
+
+        public AbpBlazorClientHttpMessageHandler(
+            IJSRuntime jsRuntime,
+            ICookieService cookieService,
+            IConfiguration configuration)
         {
             _jsRuntime = jsRuntime;
+            _cookieService = cookieService;
+            _configuration = configuration;
         }
 
         protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
         {
             await SetLanguageAsync(request, cancellationToken);
+            await SetAntiForgeryTokenAsync(request);
 
             return await base.SendAsync(request, cancellationToken);
         }
@@ -38,5 +53,21 @@ namespace Volo.Abp.AspNetCore.Components.WebAssembly
                 request.Headers.AcceptLanguage.Add(new StringWithQualityHeaderValue(selectedLanguage));
             }
         }
+
+        private async Task SetAntiForgeryTokenAsync(HttpRequestMessage request)
+        {
+            var selfUri = new Uri(_configuration["App:SelfUrl"]);
+
+            if (request.Method == HttpMethod.Get || request.Method == HttpMethod.Head || request.RequestUri.Host != selfUri.Host || request.RequestUri.Port != selfUri.Port)
+            {
+                return;
+            }
+
+            var token = await _cookieService.GetAsync(AntiForgeryCookieName);
+            if (!token.IsNullOrWhiteSpace())
+            {
+                request.Headers.Add(AntiForgeryHeaderName, token);
+            }
+        }
     }
 }