Skip to content

Instantly share code, notes, and snippets.

@jayhjkwon

jayhjkwon/ApiController.cs

Last active December 22, 2015 17:39
Show Gist options
  • Save jayhjkwon/6507780 to your computer and use it in GitHub Desktop.
Save jayhjkwon/6507780 to your computer and use it in GitHub Desktop.
Download ZIP
jitsu deploy
Raw
ApiController.cs
void ValidateRequestHeader(HttpRequestMessage request)
{
string cookieToken = "";
string formToken = "";
IEnumerable<string> tokenHeaders;
if (request.Headers.TryGetValues("RequestVerificationToken", out tokenHeaders))
{
string[] tokens = tokenHeaders.First().Split(':');
if (tokens.Length == 2)
{
cookieToken = tokens[0].Trim();
formToken = tokens[1].Trim();
}
}
AntiForgery.Validate(cookieToken, formToken);
}
Raw
form.cshtml
@using (Html.BeginForm("Manage", "Account")) {
@Html.AntiForgeryToken()
}
Raw
form.html
<form action="/Home/Test" method="post">
<input name="__RequestVerificationToken" type="hidden"
value="6fGBtLZmVBZ59oUad1Fr33BuPxANKY9q3Srr5y[...]" />
<input type="submit" value="Submit" />
</form>
Raw
form.js
<script>
@functions{
public string TokenHeaderValue()
{
string cookieToken, formToken;
AntiForgery.GetTokens(null, out cookieToken, out formToken);
return cookieToken + ":" + formToken;
}
}
$.ajax("api/values", {
type: "post",
contentType: "application/json",
data: { }, // JSON data goes here
dataType: "json",
headers: {
'RequestVerificationToken': '@TokenHeaderValue()'
}
});
</script>
@resisa
Copy link

resisa commented Sep 27, 2013

test2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment