Skip to main content

Posts

Showing posts from July, 2014

Processing AntiForgeryToken send with Ajax

You might have seen below error while doing ajax post to MVC action that validates AntiForgeryToken. ASP.net MVC ValidateAntiForgeryToken does not handle passing RVToken in ajax requests by default. ex: Below token sent in header won't be accepted at Controller level in MVC: __RequestVerificationToken = $('[name=__RequestVerificationToken]').val() I found a  better solution that works perfectly fine for all POST requests. Just implement the custom MVC Authorize attribute as shown below code:  [AttributeUsage(AttributeTargets.Class, AttributeTargets.Method)] public class MyValidateAntiForgeryToken : AuthorizeAttribute { public override void OnAuthorization( AuthorizationContext filterContext ) { var request = filterContext.HttpContext.Request; if (request.HttpMethod == WebRequestMethods.Http.Post) { if (request.IsAjaxRequest()) { var antiForgeryCookie = request.Cookies[AntiForgeryCon...