This question is locked. New answers and comments are not allowed.
Hello,
I am not able to get AntiForgeryToken working with the upload control.
Here is my example.
And here is my onupload function.
I get an error back "A required anti-forgery token was not supplied or was invalid."
Thank you,
mm
I am not able to get AntiForgeryToken working with the upload control.
Here is my example.
<% using (Html.BeginForm("Save", "Customer", FormMethod.Post, new { enctype = "multipart/form-data" })) {%> <% Html.EnableClientValidation(); %> <%: Html.AntiForgeryToken(CommandCenter.Security.Constants.AntiForgeryTokenSalt)%> <%: Html.Telerik().Upload() .Name("fCustomers") .Multiple(false) .ClientEvents(ce => ce .OnUpload("d_OnUpload") ) .Async(a => a .Save("Upload", "Customer") .Remove("Remove", "Customer") .AutoUpload(false) ) %><% } %>And here is my onupload function.
function d_OnUpload(e) { e.data = { __RequestVerificationToken: getAntiForgeryToken().value };}[HttpPost]public ActionResult Upload(HttpPostedFileBase fCustomers){ var attachmentName = Path.GetFileName(fCustomers.FileName); var upload_path = ConfigurationManager.AppSettings["upload_dir"]; fCustomers.SaveAs(Path.Combine(upload_path, attachmentName)); return Json(new { fname = attachmentName }, "text/plain");}I get an error back "A required anti-forgery token was not supplied or was invalid."
Thank you,
mm
6 Answers, 1 is accepted
0
murali
Top achievements
Rank 1
Rank 1
answered on 27 Apr 2011, 05:02 PM
After further debug...
I have found that the form submitted (iframe) doesn't have any elements, and this is what is causing the Authrization to fail.
How do I add my input element to the form that is used during upload?
Thank you,
mm
I have found that the form submitted (iframe) doesn't have any elements, and this is what is causing the Authrization to fail.
How do I add my input element to the form that is used during upload?
Thank you,
mm
0
Hi,
These changes will be available in the next internal build that we'll upload later today. As a token of gratitude for your involvement your Telerik points have been updated.
Tsvetomir Tsonev
the Telerik team
It turns out that the Anti-Forgery Token is not processed when it's submitted as part of the query string. And the Upload does just that.
We've fixed this problem and the user data is now submitted as form fields. In addition, the AFT will be automatically added to the user data, when present. This applies for both the Save and Remove actions.
Your code can now be reduced to:
<%: Html.AntiForgeryToken(CommandCenter.Security.Constants.AntiForgeryTokenSalt)%><%: Html.Telerik().Upload() .Name("fCustomers") .Multiple(false) .Async(a => a .Save("Upload", "Customer") .Remove("Remove", "Customer") .AutoUpload(false) )%>These changes will be available in the next internal build that we'll upload later today. As a token of gratitude for your involvement your Telerik points have been updated.
Tsvetomir Tsonev
the Telerik team
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Explore the
Telerik Public Issue Tracking
system and vote to affect the priority of the items
0
murali
Top achievements
Rank 1
Rank 1
answered on 04 May 2011, 05:29 PM
That sounds great, thank you for the quick fix Tsonev.
How can I download the latest build, or can you send me a patch?
Thank you,
mm
How can I download the latest build, or can you send me a patch?
Thank you,
mm
0
Hi,
Tsvetomir Tsonev
the Telerik team
You can download the fixed 2011.1.502 build by following the "Latest Internal Builds" link in your account home page.
I hope this helps.
Tsvetomir Tsonev
the Telerik team
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Explore the
Telerik Public Issue Tracking
system and vote to affect the priority of the items
0
murali
Top achievements
Rank 1
Rank 1
answered on 05 May 2011, 04:37 PM
Thank you Tsonev, I did download the 2011.1.502 version, I replaced content, scripts and dll reference. After the upgrade none of these work, Grid, Menu and Window. I am doing something wrong?
I had to rollback to 2011.1.315.
Thank you,
Murali.
I had to rollback to 2011.1.315.
Thank you,
Murali.
0
Hi mm,
Atanas Korchev
the Telerik team
Could it be that the upgrade was not properly done. You can check the upgrade help topic to see if you have missed some important part of the upgrade process. All the mentioned components should work as expected in that build.
All the best,Atanas Korchev
the Telerik team
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Explore the
Telerik Public Issue Tracking
system and vote to affect the priority of the items