C# “所需防伪表单字段”__RequestVerificationToken“;使用Ajax和Html时不存在。AntiForgeryToken()
我有一个控制器,它有两种动作方式。它们都用C# “所需防伪表单字段”__RequestVerificationToken“;使用Ajax和Html时不存在。AntiForgeryToken(),c#,jquery,ajax,asp.net-mvc,razor,C#,Jquery,Ajax,Asp.net Mvc,Razor,我有一个控制器,它有两种动作方式。它们都用[ValidateAntiForgeryToken()]和@Html进行注释。相应的视图中包括AntiForgeryToken()。现在调用其中一个方法(GetVendorOrders:其结果绑定到剑道网格)成功,而另一个(MakeVendorPayment)抛出异常“所需的防伪表单字段\uu RequestVerificationToken不存在”即使两者都提供了uu RequestVerificationToken值。 我尝试了以下三种方法: 在AJ
[ValidateAntiForgeryToken()]
和@Html进行注释。相应的视图中包括AntiForgeryToken()
。现在调用其中一个方法(GetVendorOrders
:其结果绑定到剑道网格)成功,而另一个(MakeVendorPayment
)抛出异常“所需的防伪表单字段\uu RequestVerificationToken不存在”即使两者都提供了uu RequestVerificationToken值。
我尝试了以下三种方法:
头:{'\uu RequestVerificationToken':令牌}
data:JSON.stringify({vendorId:vId,orderIds:oIds,\uu RequestVerificationToken:token})
data.\uuu RequestVerificationToken=token代码>
[HttpPost]
[ValidateAntiForgeryToken()]
public virtual ActionResult GetVendorOrders(DataSourceRequest command, VendorPaymentSearchModel model)
{
var orders = _orderService.SearchOrders(vendorId: model.VendorId, createdFromUtc: model.StartDate, createdToUtc: model.EndDate);
var gridModel = new DataSourceResult
{
Data = orders.Select(x =>
{
return new OrderModel
{
CustomOrderNumber = x.CustomOrderNumber,
CustomerFullName = x.CustomerFullName,
CustomerEmail = x.CustomerEmail,
OrderTotal = x.OrderTotal,
Commission = x.Commission,
VendorPayment = x.OrderTotal - x.Commission
};
}),
};
return Json(gridModel);
}
[HttpPost]
[ValidateAntiForgeryToken()]
public virtual ActionResult MakeVendorPayment(int vendorId, string[] orderIds)
{
foreach (var orderId in orderIds)
{
var order = _orderService.GetOrderById(Convert.ToInt32(orderId));
var vendorPayment = new VendorPayment()
{
VendorId = vendorId,
OrderId = Convert.ToInt32(orderId),
OrderTotal = order.OrderTotal,
Commission = order.Commission,
Payment = order.OrderTotal - order.Commission
};
_vendorPaymentService.InsertVendorPayment(vendorPayment);
}
return Json(new { Result = true });
}
`//Following are Javascript functions:
//This Call Successful
$(document).ready(function () {
$("#orders-grid").kendoGrid({
dataSource: {
type: "json",
transport: {
read: {
url: "@Html.Raw(Url.Action("GetVendorOrders", "Vendor"))",
type: "POST",
dataType: "json",
data: additionalData
}
},
},
dataBound: onDataBound,
columns: [
{
field: "Id",
field: "Id",
width: 50
},
{
field: "CustomOrderNumber",
title: "Order #",
width: 80
},
{
field: "OrderStatus",
title: "Order Status",
width: 100
},
{
field: "OrderTotal",
title: "Order Total",
width: 100
},
{
field: "Commission",
title: "Commission",
width: 100
},
{
field: "VendorPayment",
title: "VendorPayment",
width: 100
}
]
});`
//This results into error: The required anti-forgery form field "__RequestVerificationToken" is not present.
//Commented parts are the other ways that are tried.
$('#vendor-payment').click(function (e) {
e.preventDefault();
var orderIds = [];
var data = $("#orders-grid").data("kendoGrid").dataSource._data;
for (i = 0; i < data.length; i++) {
orderIds.push(data[i].CustomOrderNumber);
}
//var token = $('input[name=__RequestVerificationToken]').val();
$.ajax({
url: '@Url.Action("MakeVendorPayment", "Vendor")',
type: 'POST',
dataType: 'json',
//cache: false,
//headers: { '__RequestVerificationToken': token },
//data: addAntiForgeryToken({ vendorId: vId, orderIds: oIds }),
data: JSON.stringify({ vendorId: vId, orderIds: oIds, __RequestVerificationToken: token })
contentType: 'application/json; charset=utf-8',
success: function (result) {
console.log(result);
var grid = $("#orders-grid").data("kendoGrid");
grid.dataSource.read();
},
error: function (objAjaxRequest, strError) {
var respText = objAjaxRequest.responseText;
console.log(respText);
}
});
});
function addAntiForgeryToken(data) {
if (!data) {
data = {};
}
var token = $('input[name=__RequestVerificationToken]');
if (token.length) {
data.__RequestVerificationToken = token.val();
}
return data;
};
});
[HttpPost]
[ValidateAntiForgeryToken()]
公共虚拟操作结果GetVendorOrders(DataSourceRequest命令,VendorPaymentSearchModel)
{
var orders=_orderService.SearchOrders(vendorId:model.vendorId,createdFromUtc:model.StartDate,createdToUtc:model.EndDate);
var gridModel=新数据源结果
{
数据=订单。选择(x=>
{
返回新订单模型
{
CustomOrderNumber=x.CustomOrderNumber,
CustomerFullName=x.CustomerFullName,
CustomerEmail=x.CustomerEmail,
OrderTotal=x.OrderTotal,
佣金,佣金,
卖方付款=x.订单总额-x.佣金
};
}),
};
返回Json(gridModel);
}
[HttpPost]
[ValidateAntiForgeryToken()]
公共虚拟操作结果MakeVendorPayment(int vendorId,字符串[]OrderId)
{
foreach(orderId中的变量orderId)
{
var order=_orderService.GetOrderById(Convert.ToInt32(orderId));
var vendorPayment=新vendorPayment()
{
VendorId=VendorId,
OrderId=Convert.ToInt32(OrderId),
OrderTotal=order.OrderTotal,
佣金,佣金,
付款=订单.订单总额-订单.佣金
};
_卖方付款服务。插入卖方付款(卖方付款);
}
返回Json(新的{Result=true});
}
`//以下是Javascript函数:
//这通电话成功了
$(文档).ready(函数(){
$(“#订单网格”).kendoGrid({
数据源:{
键入:“json”,
运输:{
阅读:{
url:“@Html.Raw(url.Action(“GetVendorOrders”、“Vendor”)”,
类型:“POST”,
数据类型:“json”,
数据:附加数据
}
},
},
数据绑定:onDataBound,
栏目:[
{
字段:“Id”,
字段:“Id”,
宽度:50
},
{
字段:“CustomOrderNumber”,
标题:“订单#”,
宽度:80
},
{
字段:“订单状态”,
标题:“订单状态”,
宽度:100
},
{
字段:“OrderTotal”,
标题:“订单总数”,
宽度:100
},
{
字段:“佣金”,
标题:“委员会”,
宽度:100
},
{
字段:“卖方付款”,
标题:“卖方付款”,
宽度:100
}
]
});`
//这将导致错误:所需的防伪表单字段“\uu RequestVerificationToken”不存在。
//注释部分是尝试的其他方法。
$(“#供应商付款”)。单击(功能(e){
e、 预防默认值();
var orderIds=[];
var数据=$(“#订单网格”).data(“kendoGrid”).dataSource.#u数据;
对于(i=0;i
我很惊讶grid绑定的函数(调用GetVendorOrders)是成功的,但是按钮单击(调用MakeVendorPayment)会抛出错误:所需的反
$.ajax({
url: '@Url.Action("MakeVendorPayment", "Vendor")',
type: 'POST',
dataType: 'json',
data: { vendorId: vId, orderIds: oIds, __RequestVerificationToken: token },
success: function (result) {
console.log(result);
var grid = $("#orders-grid").data("kendoGrid");
grid.dataSource.read();
},
error: function (objAjaxRequest, strError) {
var respText = objAjaxRequest.responseText;
console.log(respText);
}
});
postData('@Url.Action("MakeVendorPayment", "Vendor")', { vendorId: vId, orderIds: oIds });
...
postData: (url, data) => {
$.ajax({
method: "POST",
url: url,
data: $.extend(data, kendo.antiForgeryTokens())
}).done(() => {
viewModel.items.read();
}).fail((e) => {
error_handler(e);
});
}