3

I have an IE8/IE9 CORS request using XDomainRequest of type POST coming into an ASP .NET MVC 3 web application. The linked blog post indicates that:

Only text/plain is supported for the request's Content-Type header

Now, since the Content-Type is text/plain and this is outside my control, the MVC framework will not bind the POST content parameters. It only seems to bind them when the Content-Type is application/x-www-form-urlencoded.

I cannot read the parameters from the Request object either.

I need to find a way for MVC to bind these parameters. I thought about trying to modify the Content-Type of the request on Application_BeginRequest but this didn't work.

How can I get the MVC Framework to bind the POST parameters when the Content-Type is text/plain?

Update

I believe the parameters will be available through the Request.InputStream property. I'm looking for a way to generically bind these parameters using the MVC Framework default binding. I'd prefer not to have to write a model binder for every model in my project.

Zaid Masud
  • 13,225
  • 9
  • 67
  • 88
  • My initial idea would be to create a custom model binder. But since you say that you can't even access the Request object, I'm not sure if this would be an option. – Andy T Nov 08 '13 at 21:11
  • @QuetiM.Porta I've searched through the `Request` object in debug mode, and can't find the POST content params. Fiddler is showing them coming in though. Maybe I'm not looking in the right place on the `Request` object? They're not in the `Headers` or `Params` collections. – Zaid Masud Nov 08 '13 at 21:15
  • If you do Request["yourParamName"] it is null? – Romias Nov 10 '13 at 22:00
  • Did you check HttpContext object? – Romias Nov 10 '13 at 22:07
  • @Romias yes Request["yourParamName"] is null. – Zaid Masud Nov 10 '13 at 22:41

2 Answers2

4

Check if:

  • You really are sending a x-www-form-urlencoded. Maybe you are sending a JSON?
  • The response includes Access-Control-Allow-Origin header

I tried the following and it worked:

public class MvcApplication : System.Web.HttpApplication
{
    protected void Application_BeginRequest()
    {
        if (String.IsNullOrEmpty(Context.Request.ContentType) && Context.Request.HttpMethod == "POST")
        {
            Context.Request.ContentType = "application/x-www-form-urlencoded";
        }
    }

    protected void Application_EndRequest()
    {
        Context.Response.AddHeader("Access-Control-Allow-Origin", "*");
    }
}

Note: For better modularity, you may want to implement Application_BeginRequest as a HTTP module and CORS (the Access-Control-Allow-Origin) as an ActionFilter

LostInComputer
  • 15,188
  • 4
  • 41
  • 49
1

No real experience in this subject, but here you can see some approaches thar could help you.

Check this SO Questions and workarounds:

Here is how it can be done in ASP.NET WebAPI:

http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api

Community
  • 1
  • 1
Romias
  • 13,783
  • 7
  • 56
  • 85