所以我想POST
fileUpload以及AntiForgeryToken
通過AJAX。這裏是我的代碼:如何通過jquery ajax發送AntiForgeryToken(CSRF)以及FormData
查看
@using (Html.BeginForm("Upload", "RX", FormMethod.Post, new {id = "frmRXUpload", enctype = "multipart/form-data"}))
{
@Html.AntiForgeryToken()
@Html.TextBoxFor(m => m.RXFile, new {.type = "file"})
...rest of code here
}
<script>
$(document).ready(function(){
$('#btnRXUpload').click(function() {
var form = $('#frmRXUpload')
if (form.valid()) {
var formData = new FormData(form);
formData.append('files', $('#frmRXUpload input[type="file"]')[0].files[0]);
formData.append('__RequestVerificationToken', fnGetToken());
$.ajax({
type: 'POST',
url: '/RX/Upload',
data: formData,
contentType: false,
processData: false
})
}
})
})
</script>
控制器
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Upload()
{
//rest of code here
}
我得到
的防僞標記無法解密。如果此應用程序由Web場或羣集託管
錯誤通過提琴手。任何想法如何解決這個問題?
我找到了答案:
<script>
$(document).ready(function(){
$('#btnRXUpload').click(function() {
var form = $('#frmRXUpload')
if (form.valid()) {
var formData = new FormData(form.get(0)); //add .get(0)
formData.append('files', $('#frmRXUpload input[type="file"]')[0].files[0]);
$.ajax({
type: 'POST',
url: '/RX/Upload',
data: formData,
contentType: false,
processData: false
})
}
})
})
</script>
什麼是'fnGetToken()'? –
如果應用程序未託管在Web場或羣集上,此行爲是否會更改?非Ajax請求是否工作? –
@StephenMuecke:獲取標記字符串的函數 – warheat1990