0

Is this sucure way to get rid of problem;

The required anti-forgery form field "__RequestVerificationToken" is not present

function Delete(id) {
        if (confirm('Are you sure to delete the record?')) {
            var token = $('input[name="__RequestVerificationToken"]').val();
            $.ajax({
                type: "POST",
                url: '@Url.Action("Delete", "Survey")/' + id,
                data: {
                    __RequestVerificationToken: token
                },
                success: function (data) {
                    if (data.success) {
                        dataTable.ajax.reload();
                        $.notify(data.message,
                            {
                                className: "success",
                                globalPosition: "top center",
                                title: "BAŞARILI"


                            });
                    }
                }

            });
        }
    }

Sounds like it can be imitated. Could you please explain why or not?

  • The verification token is a per request token that is sent to the browser and is passed back when posting the form, you can imitate it for your request but not at scale, I'm not sure what the question is asking? – Mark Davies Jan 08 '20 at 14:55
  • I would like to ask that I open a popup when creating a new record or updating. And this popup is a form.This form has the Html.AntiForgeryValidation tag. When the add or update process is finished,I close the popup and update the list on the homepage with ajax. No problem here. But I do the deletion process by pressing the delete button on each line on the main page. I am not opening any form.I don't use 'Html.AntiForgeryValidation' tag because I don't open a form. As above,I do the deletion again with ajax. I'm not sure it is correct.The token you use in the delete event is sent to whichform –  Jan 08 '20 at 21:02

0 Answers0