如何在MVC中的Ajax动作链接中包含AntiForgeryToken？ [英] how to include AntiForgeryToken in an ajax action link in mvc?

问题描述

我有以下代码：

@Ajax.ActionLink("Delete", "Delete", 
new { id = item.ID, RequestVerificationToken=*What comes here?*}, 
new AjaxOptions { HttpMethod = "POST", UpdateTargetId = "formsIndex" })

我想在客户端中不使用JavaScript的情况下将验证令牌添加到链接中，这似乎是多余的依赖项，因为我已经在服务器中拥有该值。有正确的方法吗？

I want to add the verification token to the link without using javascript in client side, it seems like a redundant dependancy since i already own that value in server. Is there a proper way to do that?

推荐答案

来自 MSDN文档（我的重点）

HtmlHelper.AntiForgeryToken方法

HtmlHelper.AntiForgeryToken Method

生成一个隐藏表单字段（防伪令牌），当表单已提交。

Generates a hidden form field (anti-forgery token) that is validated when the form is submitted.

您需要一个form元素来生成防伪令牌。

You need a form element to generate the anti-forgery token.

@Ajax.BeginForm("Delete", new { id = item.ID }, new AjaxOptions { UpdateTargetId = "formsIndex" }))
{
  @Html.AntiForgeryToken()
  <input type="submit" value="Delete" /> // style to look like a link if that's what you want
}

这篇关于如何在MVC中的Ajax动作链接中包含AntiForgeryToken？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！