how to include AntiForgeryToken in an ajax action

2020-02-06 11:00发布

I have the following code:

@Ajax.ActionLink("Delete", "Delete", 
new { id = item.ID, RequestVerificationToken=*What comes here?*}, 
new AjaxOptions { HttpMethod = "POST", UpdateTargetId = "formsIndex" })

I want to add the verification token to the link without using javascript in client side, it seems like a redundant dependancy since i already own that value in server. Is there a proper way to do that?

标签： ajax asp.net-mvc security razor csrf

1条回答

贼婆χ

2楼-- · 2020-02-06 11:15

From the MSDN documentation (my emphasis)

HtmlHelper.AntiForgeryToken Method

Generates a hidden form field (anti-forgery token) that is validated when the form is submitted.

You need a form element to generate the anti-forgery token.

@Ajax.BeginForm("Delete", new { id = item.ID }, new AjaxOptions { UpdateTargetId = "formsIndex" }))
{
  @Html.AntiForgeryToken()
  <input type="submit" value="Delete" /> // style to look like a link if that's what you want
}

0人赞添加讨论(0) 举报

how to include AntiForgeryToken in an ajax action

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间