相关疑难解决方法(0)

究竟要把防伪手表放在哪里

我有一个布局页面,其中包含一个带有AntiForgeryToken的表单

using (Html.BeginForm(action, "Account", new { ReturnUrl = returnUrl }, FormMethod.Post, new { Id = "xcrf-form" }))

Run Code Online (Sandbox Code Playgroud)

这会生成一个隐藏字段

<input name="__RequestVerificationToken" type="hidden" value="p43bTJU6xjctQ-ETI7T0e_0lJX4UsbTz_IUjQjWddsu29Nx_UE5rcdOONiDhFcdjan88ngBe5_ZQbHTBieB2vVXgNJGNmfQpOm5ATPbifYE1">

Run Code Online (Sandbox Code Playgroud)

在我的角度视图中(在布局页面中加载div,我这样做

<form class="form" role="form" ng-submit="postReview()">

Run Code Online (Sandbox Code Playgroud)

我的postReview()代码如下

$scope.postReview = function () {
    var token = $('[name=__RequestVerificationToken]').val();

    var config = {
        headers: {
            "Content-Type": "multipart/form-data",
            // the following when uncommented does not work either
            //'RequestVerificationToken' : token
            //"X-XSRF-TOKEN" : token
        }
    }

    // tried the following, since my other MVC controllers (non-angular) send the token as part of form data, …

Run Code Online (Sandbox Code Playgroud)

javascript asp.net-mvc http http-headers angularjs

ind*_*imp

lucky-day

5
推荐指数

1
解决办法

4441
查看次数