ASP.NET MVC 4.0 Features

MVC Anti forgery for HTTP Headers validator

//WEB API ANTIFORGERY CUSTOM ACTION FILTER ATTRIBUTE
public class AntiForgeryValidateRequests : BaseActionFilterAttribute
{
    public override void OnActionExecuting(HttpActionContext filterContext)
    {
        if (filterContext != null && filterContext.RequestContext != null && filterContext.Request != null)
        {
            string cookieToken = "";
            string formToken = "";

            IEnumerable<string> tokenHeaders = filterContext.Request.Headers.GetValues(Constant.RequestVerificationToken);
            if (tokenHeaders != null && tokenHeaders.Count() > 0)
            {
                string[] tokens = tokenHeaders.First().Split(':');
                if (tokens.Length == 2)
                {
                    cookieToken = tokens[0].Trim();
                    formToken = tokens[1].Trim();
                }
            }

            System.Web.Helpers.AntiForgery.Validate(cookieToken, formToken);
        }

        base.OnActionExecuting(filterContext);
    }        
}

JavaScript,

$.ajax({
    url: requestURL,
    type: 'POST',
    contentType: "application/json; charset=utf-8",
    data: null,
    beforeSend: function (xhr) {
        xhr.setRequestHeader("Request_Token", request_token);
        xhr.setRequestHeader("Request_Order", request_order);
    },
    async: true,
    cache: false,
    success: function (data) {
        if (data !== undefined && data !== null) {
            if (data.Code == "OK") {
                alertDialog('info', 'Information', "Success", data.Message, null);
                return false;
            }
            else if (data.Code == "ERROR") {
                alertDialog('error', 'Error', 'Error', data.Message, null);
                return false;
            }
        }
    }
});

Go for more,
https://nozzlegear.com/blog/send-and-validate-an-asp-net-antiforgerytoken-as-a-request-header
http://www.codeproject.com/Tips/879039/MVC-Anti-forgery-validator-for-HTTP-Headers
http://stackoverflow.com/questions/19788916/how-to-make-ajax-request-with-anti-forgery-token-in-mvc
http://stackoverflow.com/questions/4074199/jquery-ajax-calls-and-the-html-antiforgerytoken

ANIL SINGH

Anil Singh is an author, tech blogger, and software programmer. Book writing, tech blogging is something do extra and Anil love doing it. For more detail, kindly refer to this link..

My Tech Blog - https://www.code-sample.com/
My Books - Book 1 and Book 2

www.code-sample.com/. Powered by Blogger.
^