Results 1 to 4 of 4

Thread: How to pass the anti forgery token to an ASP.NET MVC action method?

  1. #1
    Sencha User
    Join Date
    Nov 2008
    Posts
    163

    Question How to pass the anti forgery token to an ASP.NET MVC action method?

    Can anyone using ASP.NET MVC tell me how to pass the anti-forgery token back successfully to action methods decorated with the [ValidateAntiForgeryToken] attribute?

    I got code like the below but can't figure out how to pass the token back properly in my JSON. Everything I've tried thus far results in an "A required anti-forgery token was not supplied or was invalid."

    Code:
    Code:
    [Transaction]
    		[ValidateAntiForgeryToken]
    		[HttpDelete]
    		public ActionResult Delete(int id) { ... }
    
    
    [Transaction]
    		[ValidateAntiForgeryToken]						      
    		[HttpPut]   
    		public ActionResult Edit(Location location) { ... }
    
    [Transaction]
    		[ValidateAntiForgeryToken]						         
    		[HttpPost]   
    		public ActionResult Create(Location location) { ... }
    Thanks -wg

  2. #2
    Sencha User
    Join Date
    Jun 2011
    Location
    Rio de Janeiro
    Posts
    1

    Default

    Ext.onReady( function() {
    var myToken = document.getElementsByName('__RequestVerificationToken').item(0).value;
    MyExtForm.MyHiddenField.setValue(myToken);
    }

  3. #3
    Sencha Premium Member skirtle's Avatar
    Join Date
    Oct 2010
    Location
    UK
    Posts
    3,791

    Default

    If you're using Ajax you could use either the Ext.Ajax.extraParams property or the beforerequest event.

  4. #4
    Sencha User
    Join Date
    Oct 2012
    Location
    Netherlands
    Posts
    1

    Default

    You may also create a proxy that will set AFT header at run-time, before the request is being sent. That will allow you to use config and programmatic proxies. It works with Sencha Touch and MVC4 WebAPI.

    Code:
    Ext.define('WApp.model.AftRestProxy', {    
    extend: 'Ext.data.proxy.Rest',     
    requires: [        'Ext.data.proxy.Rest'    ],     
    alias: 'proxy.aftrest',    
    constructor: function (config) 
    {       
        var defaults = {  timeout: 10000  };         
        this.callParent([Ext.Object.merge(defaults, config)]);    
    },     
    buildRequest: function (operation) {       
        // Add AFT header to proxy's headers        
        var r = this.callParent([operation]);        
        var afth = { 'RequestVerificationToken': Ext.get("antiForgeryToken").getValue() };
        var p = r.getProxy();       
        if (p) {            
             var h = Ext.Object.merge(p.getHeaders() || {}, afth);            
             p.setHeaders(h);        
        }         
        return r;    
    }});
    Code:
    Ext.define('WApp.model.UserProfile', {    
    extend: 'Ext.data.Model',        
    requires: [        'WApp.model.AftRestProxy'    ],     
    config: {       
        fields: [        ],        
        proxy: {            
            type: 'aftrest',           
            url: '/api/auth/getuserprofile'        
        }    
    }});

Similar Threads

  1. Update method for Editor Grid in C# (ASP.NET MVC)
    By Grisco in forum Ext 3.x: Help & Discussion
    Replies: 3
    Last Post: 3 Nov 2010, 11:33 PM
  2. ExtJS and ASP.NET MVC
    By wgpubs in forum Ext 2.x: Help & Discussion
    Replies: 0
    Last Post: 5 Dec 2008, 5:41 PM
  3. Problem combining extjs 2.0 with asp.net/ asp.net mvc/html
    By ritcoder in forum Ext 2.x: Help & Discussion
    Replies: 1
    Last Post: 12 Jul 2008, 3:58 PM
  4. MVC for asp.net/VS 2008
    By DragonFist in forum Community Discussion
    Replies: 15
    Last Post: 16 Jun 2008, 7:47 AM
  5. Replies: 2
    Last Post: 4 Feb 2008, 2:05 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •