0

I'm trying to pass the anti-forgery token inside each ajax call for CSRF protection. the problem is I have two POST ajax methods in one view and one of them passes and the other pops an error The required anti-forgery form field "__RequestVerificationToken" is not present. although I'm passing it. What to do so I can be able to pass token to each ajax? Is there a better approach?

$(document).ready(function () {
        //toastr.success('Success messages');
        var token = $("[name='__RequestVerificationToken']").val();

        function RecSLAData() {
            SLAData();
            var account = $('#Account_ID').val();

            //***Empty LOB for another selection***//

            $('#Duration').children().remove();

            $.ajax({
                type: 'POST',
                url: '/Add_Request/GetRecSLA/',
                data: {
                    __RequestVerificationToken: token,
                    acc: account,

                },
                success: function (result) {

                    //***loop on results and add to LOB***//
                    $.each(result, function (k, SubAccounts) {


                        $("#Duration").append('<option value="' + SubAccounts.Value + '">' + SubAccounts.Text + '</option>');

                        //$('<option>').val(v.Sub_Account_ID).text(v.Sub_Account_Name).appendTo('#LOB');
                    });
                }
            });
        };

        $('#Account_ID').on('change', function () {
            var account = $('#Account_ID').val();
            var Emp = $('#Employee_no').val();
            var Operation_Date = $('#Operation_Date').val();

           // $('#LOB').children('option:not(:first)').remove();
            $('#LOB').children().remove();

            $.ajax({
                type: 'POST',
                url: '/Add_Request/GetData/',
                data: {
                    __RequestVerificationToken: token,
                    acc: account,

                },
                success: function (result) {

                    $.each(result, function (k, SubAccounts) {

                        $("#LOB").append('<option value="' + SubAccounts.Value + '">' + SubAccounts.Text + '</option>');

                      });
                }
            });

I added @html.anitforgerytoken() at the form i'm sending . Also added [ValidateAntiForgery] above each post method i'm sending data to in the controller. the solutions i tried : antiforgery for ajax

I'm stuck here. I really appreciate your help.

2766
  • 145
  • 11
  • 1
    Does this answer your question? [How to make ajax request with anti-forgery token in mvc](https://stackoverflow.com/questions/19788916/how-to-make-ajax-request-with-anti-forgery-token-in-mvc) – Ashiquzzaman Mar 01 '20 at 09:13
  • hi @Ashiquzzaman , i was trying this answer https://stackoverflow.com/a/19789354/11075652 but it is not working. I tried to append it to the data in the ajax still won't work. do you have any suggestions for me or alterations I should try? Thanks in advance. – 2766 Mar 01 '20 at 09:36
  • @Ashiquzzaman . the problem is in the suggested answer is all post methods under the same event. but mine have different ones. I appreciate your help. is there another way to use stackoverflow.com/a/19789354/11075652 – 2766 Mar 01 '20 at 09:57
  • You need to add AntiForgeryToken in your message header in the ajax call. please try https://stackoverflow.com/a/19789292/3557266 – Ashiquzzaman Mar 01 '20 at 11:00
  • Hi @Ashiquzzaman , still not working – 2766 Mar 01 '20 at 13:11
  • I was trying this answer https://stackoverflow.com/a/12116344/11075652 but only one ajax that passes data and the other pops an error. I feel like I'm spinning around – 2766 Mar 01 '20 at 13:31

0 Answers0