Anti-forgery token in Ajax calls


Problem description

Hello,

I did a Fortify code analysis in an existing MVC application, and Fortify recommends that I implement an anti-forgery token in all HTTP POST calls, as below.

var token = $('input[name="__RequestVerificationToken"]').val();
var headers = {};
headers['__RequestVerificationToken'] = token;

$.ajax({
    url: ... some url,
    headers: headers,
    ....
});





Adding __RequestVerificationToken in all Ajax calls across the application can be challenging.

Please help me to understand ways to implement an anti-forgery token without modifying all Ajax calls in an existing application?

Recommended answer

Would you read this article? It seems to be pretty clear: http://blogs.perficient.com/microsoft/2014/02/asp-net-mvc-anti-forgery-token-demystified-part-1-what-is-it
(See other parts referenced from this page.)

Sorry if you already know all that; if so, please explain your concern more clearly.

—SA
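
One way to do what the question asks, as an added example that is not part of the original thread: a single jQuery prefilter, loaded once, attaches the token to every state-changing same-origin request, so no existing `$.ajax` call has to change. It assumes the server validates the token from the `__RequestVerificationToken` request header, as the question's snippet implies; the names `installAntiForgery`, `needsToken` and `readToken` are hypothetical.

```javascript
// Added example; installAntiForgery, needsToken and readToken are hypothetical names.
var TOKEN_NAME = '__RequestVerificationToken'; // field/header name from the question
var SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS', 'TRACE'];

// Decide whether a request should carry the token: state-changing verbs only,
// and never cross-origin, so the token is not disclosed to another site.
function needsToken(options) {
    var method = String(options.type || options.method || 'GET').toUpperCase();
    return SAFE_METHODS.indexOf(method) === -1 && !options.crossDomain;
}

// Register one global prefilter. jQuery runs it for every request made through
// $.ajax (and its $.post / $.getJSON wrappers), so call sites stay untouched.
function installAntiForgery($, readToken) {
    $.ajaxPrefilter(function (options, originalOptions, jqXHR) {
        if (!needsToken(options)) { return; }
        var explicit = originalOptions.headers || {};
        if (explicit[TOKEN_NAME]) { return; }   // the call site already set it
        var token = readToken();                // read per request, not cached
        if (token) { jqXHR.setRequestHeader(TOKEN_NAME, token); }
    });
}

// Browser wiring: read the hidden input that @Html.AntiForgeryToken() renders.
if (typeof window !== 'undefined' && window.jQuery) {
    installAntiForgery(window.jQuery, function () {
        return window.jQuery('input[name="' + TOKEN_NAME + '"]').val();
    });
}
```

Include the script once after jQuery in the shared layout, on pages that render the hidden token input.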

