2017-08-24 190 views
0

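AntiForgeryToken passing in the JSON post request with JSON.stringify not working

I have the following jQuery code to send the data with JSON.stringify to an ASP.NET MVC controller class. Everything was working fine without the introduction of AntiForgeryToken. Now, when I started implementing AntiForgeryToken in the codebase, it is not working and throws an error: The required anti-forgery form field "__RequestVerificationToken" is not present.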

HTML

<form action="javascript: void(0)" id="frmMain"> 
    @Html.AntiForgeryToken() 
    .... 
</form> 

jQuery code:

function saveDetails() {    
    var testViewModel = {}; 
    testViewModel.ArticleType = $("#SubType").val();
    testViewModel.PublishedDate = $("#publishDate").val(); 
    var token = $('#frmMain input[name=__RequestVerificationToken]').val(); 

    var languages = []; 
    $.each($('#language').val(), function (index, value) { 
     var languageContent = {}; 
     languageContent.Language = value; 
     languageContent.Author = $("#author-" + value).val(); 
     languageContent.TeaserText = $("#teaser-" + value).val(); 
     languageContent.body = $("#content-" + value).val(); 
     languageContent.Title = $("#title-" + value).val(); 
     languages.push(languageContent); 
    }); 
    testViewModel.LanguageContent = languages; 
    testViewModel.Author = testViewModel.LanguageContent[0].Author; 
    testViewModel.ArticleId = aId; 

    $.ajax({ 
     type: "POST", 
     url: "@Url.Action("SaveDetails", "Test")", 
     data: JSON.stringify({ testViewModel: testViewModel, __RequestVerificationToken: token }), 
     contentType: "application/json; charset=utf-8", 
     dataType: "json", 
     cache: false, 
     success: function (data) { 
      var url = "@Url.Action("SiteDetails", "Test")"; 
      window.location.href = url + "?ArticleId=" + aId; 
     } 
    }); 
} 

TestController.cs

[HttpPost] 
[ValidateAntiForgeryToken] 
public JsonResult SaveDetails([Bind(Include = "ArticleId,PublishedDate,Author,ArticleType,LanguageContent")]TestObject testViewModel) 
{ 
    if (!ModelState.IsValid) 
    { 
     return Json(new { success = false }); 
    } 
} 

Can anyone help me here by providing guidance to fix this issue?

+0

Remove the JSON and stringify and just post the data. Reason being – Nkosi

+0

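Refer to [this answer](https://stackoverflow.com/questions/45773645/the-required-anti-forgery-form-field-requestverificationtoken-is-not-present/45777177#45777177). But the fact that you are generating form controls for a collection with those `id` attributes suggests you are doing this all wrong. –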

+0

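And the fact that you are using ajax to submit and then redirecting is pointless. Just generate your view correctly (refer to [this answer](http://stackoverflow.com/questions/30094047/html-table-to-ado-net-datatable/30094943#30094943) for generating form controls for a collection, or [this one](http://stackoverflow.com/questions/28019793/submit-same-partial-view-called-multiple-times-data-to-controller/28081308#28081308) if dynamically adding controls), and do a normal submit and redirect in the POST method –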

Answer

1

I added another filter:

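using System;
using System.Web.Helpers; // AntiForgery, AntiForgeryConfig
using System.Web.Mvc;     // FilterAttribute, IAuthorizationFilter, AuthorizationContext

namespace TestDetails.Controllers 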
{ 
    [AttributeUsage(AttributeTargets.Method | AttributeTargets.Class, AllowMultiple = false, Inherited = true)] 
    public sealed class ValidateHeaderAntiForgeryTokenAttribute : FilterAttribute, IAuthorizationFilter 
    { 
     public void OnAuthorization(AuthorizationContext filterContext) 
     { 
      if (filterContext == null) 
      { 
       throw new ArgumentNullException("filterContext"); 
      } 

      var httpContext = filterContext.HttpContext; 
      var cookie = httpContext.Request.Cookies[AntiForgeryConfig.CookieName]; 
      AntiForgery.Validate(cookie != null ? cookie.Value : null, httpContext.Request.Headers["__RequestVerificationToken"]); 
     } 
    } 
} 

TestController.cs

[HttpPost] 
[ValidateHeaderAntiForgeryToken] 
public JsonResult SaveDetails([Bind(Include = "ArticleId,PublishedDate,Author,ArticleType,LanguageContent")]TestObject testViewModel) 
{ 
    if (!ModelState.IsValid) 
    { 
     return Json(new { success = false }); 
    } 
} 

function saveDetails() {    
    var testViewModel = {}; 
    testViewModel.ArticleType = $("#SubType").val();
    testViewModel.PublishedDate = $("#publishDate").val(); 
    var token = $('#frmMain input[name=__RequestVerificationToken]').val(); 

    var languages = []; 
    $.each($('#language').val(), function (index, value) { 
     var languageContent = {}; 
     languageContent.Language = value; 
     languageContent.Author = $("#author-" + value).val(); 
     languageContent.TeaserText = $("#teaser-" + value).val(); 
     languageContent.body = $("#content-" + value).val(); 
     languageContent.Title = $("#title-" + value).val(); 
     languages.push(languageContent); 
    }); 
    testViewModel.LanguageContent = languages; 
    testViewModel.Author = testViewModel.LanguageContent[0].Author; 
    testViewModel.ArticleId = aId; 


    $.ajax({ 
     type: "POST", 
     url: "@Url.Action("SaveDetails", "Test")",   
     headers: { 
       "__RequestVerificationToken": token 
     }, 
     data: JSON.stringify(testViewModel), 
     contentType: "application/json; charset=utf-8", // needed so MVC binds the JSON body to the model
     cache: false, 
     success: function (data) { 
      var url = "@Url.Action("SiteDetails", "Test")"; 
      window.location.href = url + "?ArticleId=" + aId; 
     } 
    }); 
} 

Now it is working fine.
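
An added example, not part of the original answer: a jQuery prefilter that attaches the `__RequestVerificationToken` header (the one the `ValidateHeaderAntiForgeryToken` filter above reads) to every same-origin, state-changing AJAX call, so individual `$.ajax` calls cannot forget it and the token is never sent to another origin. The function names and the sample origin used in testing are assumptions; the `#frmMain` selector is taken from the question.

```javascript
// Added example; helper names are hypothetical, header name is the page's.
const TOKEN_HEADER = "__RequestVerificationToken";
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS", "TRACE"]);

// Returns the extra headers a request needs, or {} when none apply.
function antiForgeryHeaders(method, url, pageOrigin, token) {
  const verb = String(method || "GET").toUpperCase();
  if (SAFE_METHODS.has(verb)) return {}; // read-only verbs need no token

  let target;
  try {
    // Resolves relative URLs such as "/Test/SaveDetails" against the page.
    target = new URL(url, pageOrigin);
  } catch (e) {
    return {}; // unparsable URL: add nothing
  }
  // Never hand the token to another origin (covers "//host/path" URLs too).
  if (target.origin !== new URL(pageOrigin).origin) return {};

  // No token on the page: send nothing and let the server filter reject it.
  if (!token) return {};

  const headers = {};
  headers[TOKEN_HEADER] = token;
  return headers;
}

// Registers the prefilter once; every later $.ajax call passes through it.
function installAntiForgeryPrefilter($, win) {
  $.ajaxPrefilter(function (options, originalOptions, jqXHR) {
    // Read the token at send time so a re-rendered form is picked up.
    const token = $('#frmMain input[name="__RequestVerificationToken"]').val();
    const extra = antiForgeryHeaders(
      options.type, options.url, win.location.origin, token);
    Object.keys(extra).forEach(function (name) {
      jqXHR.setRequestHeader(name, extra[name]);
    });
  });
}

// In a browser with jQuery loaded, install immediately.
if (typeof window !== "undefined" && window.jQuery) {
  installAntiForgeryPrefilter(window.jQuery, window);
}
```

With the prefilter installed, the `headers` option in `saveDetails()` becomes redundant; the server-side filter is still what enforces the check.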