IAntiforgery use with Grid

2 posts, 0 answers
  1. Joel
    Joel avatar
    207 posts
    Member since:
    Jun 2018

    Posted 24 Jul 2020 Link to this post

        I creatred a new project using the Telerik template.  By default, the IAntiforgery token was injected.  In order to use that token, the Datasource invokes it this way:

        .DataSource(ds => ds.Ajax()
                .Read(r => r.Url("/Index?handler=Read").Data("forgeryToken"))

     

    That .Data references to a script like this:

    <script>
        function forgeryToken() {
            return kendo.antiForgeryTokens();
        }
    </script>

    Question... if I have additional data to include, how is the forgeryToken included?

    I use a script like this:

    function gridGetData() {
        //alert("grid.gridGetData");
        //alert("customerId: " + customerId);
     
        var groupId = $("#groupId").val();
     
        if (groupId != null && groupId !== 0) {
     
            var firstName = $("#firstNameFilter").val();
            var lastName = $("#lastNameFilter").val();
            var isActive = $("#isActiveOptions").val();
             
            //alert("gridGetData - firstName: " + firstName);
            //alert("gridGetData - lastName: " + lastName);
            //alert("gridGetData - isActive: " + isActive);
     
            return {
                customerId: customerId,
                customerUniqueId: customerUniqueId,
                groupId: groupId,
                sessionId: sessionId,
                firstNameFilter: firstName,
                lastNameFilter: lastName,
                isActiveFilter: isActive
            };
        } else {
            return @Html.Raw(Model.GetIndexData());
        }
    }

     

  2. Tsvetomir
    Admin
    Tsvetomir avatar
    796 posts

    Posted 29 Jul 2020 Link to this post

    Hi Joel,

    You could create a new object in which you can pass the additional data along the AntiForgeryToken. Here is an example:

    function forgeryToken() {
                 return $.extend(true, {}, kendo.antiForgeryTokens(), {text: "my val"});
            }

     

    Regards,
    Tsvetomir
    Progress Telerik

Back to Top