Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Sunday, June 4, 2017 11:13 PM
I have the following script to add form anti forgery token to the post header. Checking
the request header I was able to see __RequestVerificationToken in the request header.
But after the posting I get the following error
Message: The required anti-forgery form field "__RequestVerificationToken" is not present
Why is the controller not looking at the header for the token or is there any better way of passing it. I am
trying to do it globally across the site instead on making changes to every view and controller.
In the view:
<script type="text/javascript">
$.ajaxSetup({
'beforeSend': function (xhr) {
securityToken = $('[name=__RequestVerificationToken]').val();
alert("Token: " + securityToken);
xhr.setRequestHeader("__RequestVerificationToken", securityToken);
}
});
</script>
Controller:
[ValidateAntiForgeryToken]
public ActionResult GetResults([DataSourceRequest]DataSourceRequest request, SearchModel search)
{
...
}
Also not sure how to add the token to the token using Kendo UI Grid
All replies (2)
Monday, June 5, 2017 2:00 AM
Hi Suren,
I'm not familiar with Kendo UI, however I found a similar issue in the following link, please take it as reference.
http://www.telerik.com/forums/anti-forgery-in-mvc-wrapper-for-ajax-binding-using-request-header
And I'd like to recommend you to open a new tread in Kendo UI forum.
http://www.telerik.com/forums/kendo-ui
Best Regards,
Jean
Tuesday, June 6, 2017 2:17 PM
Thanks