我对MVC项目的以下详细信息有疑问。
当我尝试将jquery ajax请求与加载面板(例如旋转gif(甚至文本))一起使用时,从提琴手观察到我收到错误消息
所需的反伪造表单字段“ __RequestVerificationToken”不存在。
如果我[ValidateAntiForgeryToken] attribute 在POST动作方法上发表评论 并使用加载面板,它工作正常,我想知道为什么会收到此错误。
[ValidateAntiForgeryToken] attribute
我什至使用了查询字符串
__RequestVerificationToken= $('input[name="__RequestVerificationToken"').val()
还是我出错了
防伪令牌无法解密。如果此应用程序由Web场或群集托管,请确保所有计算机都运行相同版本的ASP.NET网页,并且确保<machineKey>配置指定了显式加密和验证密钥。
<machineKey>
自动生成不能在群集中使用
我应该使用什么?
在这里它更新了问题代码
var token = $('input[name="__RequestVerificationToken"]').val(); $('#submitaddress').click(function subaddr(event) { event.preventDefault(); event.stopPropagation(); //$('#addAddress').html('<img src="/img/animated-overlay.gif"> Sending...'); // $('#addAddress').blur(); // $(this).bl if ($('#Jobid').val()!="") { $('#TransportJobId').val(parseInt($('#Jobid').val())); $.ajax( { url: '/TransportJobAddress/create', type: 'POST', data: "__RequestVerificationToken=" + token + "" + $('form[action="/TransportJobAddress/Create"]').serialize(), success: function poste(data, textStatus, jqXHR) { $('#addAddress').html(data); return false; }, error: function err(jqXHR, textStatus, errorThrown) { alert('error at address :' + errorThrown); } }); } else { var transportid = 2; $.ajax({ url: '/TransportJob/create', type: 'POST', data: "__RequestVerificationToken=" + token + "" + $('form[action="/TransportJob/Create"]').serialize(), success: function sfn(data, textStatus, jqXHR) { transportid = parseInt(data); $('#Jobid').val(data); // alert('inserted id :' + data); $('#TransportJobId').val((transportid)); $.ajax( { url: '/TransportJobAddress/create', type: 'POST', //beforeSend: function myintserver(xhr){ // $('#addAddress').html('<div id="temp_load" style="text-align:center">please wait ...</div>'); //}, data: "__RequestVerificationToken=" + token + "" + $('form[action="/TransportJobAddress/Create"]').serialize(), success: function poste(data, textStatus, jqXHR) { $('#addAddress').html(data); }, error: function err(jqXHR, textStatus, errorThrown) { alert('error at address :' + errorThrown); } }); }, error: function myfunction(jqXHR, textStatus, errorThrown) { alert("error at transport :" + jqXHR.textStatus); }, complete: function completefunc() { // alert('ajax completed all requests'); return false; } }); } });
表单标签
<form action="/TransportJob/Create" method="post"><input name="__RequestVerificationToken" type="hidden" value="ydYSei0_RfyBf619dQrhDwwoCM7OwWkJQQEMNvNdAkefiFfYvRQ0MJYYu0zkktNxlJk_y1ZJO9-yb- COap8mqd0cvh8cDYYik4HJ0pZXTgE1" />
同一页面上的TransportJob表单标签2
<form action="/TransportJobAddress/Create" method="post" novalidate="novalidate"><input name="__RequestVerificationToken" type="hidden" value="Np2vUZJPk1TJlv846oPSU6hg4SjMHRcCk1CacaqZbpHOg8WbV4GZv06noRDl7F_iT9qQf3BIXo3n9wGW68sU mki7g3-ku_BSHBDN-g2aaKc1">
您是否已将令牌添加到ajax调用的标题中?
您需要在ajax调用的消息标题中添加AntiForgeryToken:
var token = $('input[name="__RequestVerificationToken"]').val(); var headers = {}; headers['__RequestVerificationToken'] = token; $.ajax({ url: ... some url, headers: headers, .... });
在您的代码中尝试以下操作:
var token = $('input[name="__RequestVerificationToken"]').val(); var tokenadr = $('form[action="/TransportJobAddress/Create"] input[name="__RequestVerificationToken"]').val(); var headers = {}; var headersadr = {}; headers['__RequestVerificationToken'] = token; headersadr['__RequestVerificationToken'] = tokenadr; $('#submitaddress').click(function subaddr(event) { event.preventDefault(); event.stopPropagation(); //$('#addAddress').html('<img src="/img/animated-overlay.gif"> Sending...'); // $('#addAddress').blur(); // $(this).bl if ($('#Jobid').val()!="") { $('#TransportJobId').val(parseInt($('#Jobid').val())); $.ajax( { url: '/TransportJobAddress/create', type: 'POST', headers:headersadr, data: "__RequestVerificationToken=" + token + "" + $('form[action="/TransportJobAddress/Create"]').serialize(), success: function poste(data, textStatus, jqXHR) { $('#addAddress').html(data); return false; }, error: function err(jqXHR, textStatus, errorThrown) { alert('error at address :' + errorThrown); } }); } else { var transportid = 2; $.ajax({ url: '/TransportJob/create', type: 'POST', headers:headers, data: $('form[action="/TransportJob/Create"]').serialize(), success: function sfn(data, textStatus, jqXHR) { transportid = parseInt(data); $('#Jobid').val(data); // alert('inserted id :' + data); $('#TransportJobId').val((transportid)); $.ajax( { url: '/TransportJobAddress/create', type: 'POST', //beforeSend: function myintserver(xhr){ // $('#addAddress').html('<div id="temp_load" style="text-align:center">please wait ...</div>'); //}, headers:headers, data: $('form[action="/TransportJobAddress/Create"]').serialize(), success: function poste(data, textStatus, jqXHR) { $('#addAddress').html(data); }, error: function err(jqXHR, textStatus, errorThrown) { alert('error at address :' + errorThrown); } }); }, error: function myfunction(jqXHR, textStatus, errorThrown) { alert("error at transport :" + jqXHR.textStatus); }, complete: function completefunc() { // alert('ajax completed all requests'); return false; } }); } });
在ajax调用中添加了标题行。