Pass Antiforgery token with Server Bound Grid

5 posts, 0 answers
  1. Chris
    Chris avatar
    6 posts
    Member since:
    May 2013

    Posted 17 May 2013 Link to this post

    I'm using mvc 4 with a server bound grid.  When the actions are posted to my controller, they do not include the antiforgery token and therefore .net throws up an error.  I've seen examples on how to pass the token with ajax bound grids, but not with server bound grids.  How would this be accomplished?
  2. Petur Subev
    Petur Subev avatar
    1882 posts

    Posted 21 May 2013 Link to this post

    Hello Curt,

    Unfortunately the Grid does not does not offer you a way to append additional parameters to the URLs that are generated for the different links - such as paging / sorting etc.

    The only work-around I can suggest you is to override the whole transport option like this before initializing the Grid:

    <script type="text/javascript">
        $.extend(true,, {
            transports: {
                    read: function (options) {
                        var url,
                            prefix = this.options.prefix,
                            params = [prefix + "sort",
                                prefix + "page",
                                prefix + "pageSize",
                                prefix + "group",
                                prefix + "aggregate",
                                prefix + "filter"],
                            regExp = new RegExp("(" + params.join('|') + ")=[^&]*&?", "g"),
                        query =, "").replace("?", "");
                        if (query.length && !(/&$/.test(query))) {
                            query += "&";
                        options = this.setup(options, "read");
                        url = options.url;
                        if (url.indexOf("?") >= 0) {
                            url += "&" + query;
                        } else {
                            url += "?" + query;
                        url += $.map(, function (value, key) {
                            return key + "=" + value;
                       //here you can try to modify the URL and REPLACE (if existing) the antiforgery token
                        location.href = url;

    I am sorry that the server binding does not support a way to send additional parameters.

    Kind Regards,
    Petur Subev
    the Telerik team
    Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
  3. Shane
    Shane avatar
    5 posts
    Member since:
    Sep 2015

    Posted 15 Oct 2015 in reply to Petur Subev Link to this post

    Is this still the only solution for sending the antiforgery token when using a server binding grid?  I'm just asking as it's over 2-year-old post.
  4. Alexander Popov
    Alexander Popov avatar
    1443 posts

    Posted 20 Oct 2015 Link to this post

    Hello Shane,

    You can try passing the token through the route values object, for example: 
    .Read("ServerEditing", "Grid", new { @__RequestVerificationToken =  token})

    Alexander Popov
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  5. Brad
    Brad avatar
    3 posts
    Member since:
    Jul 2014

    Posted 26 May 2016 Link to this post

    Since this is such a common operation for both server and Ajax bound grids (post method), would it not be valuable to add a method for this?  Maybe something like this:

    .Read("ServerEditing", "Grid", new { @__RequestVerificationToken =  token}).AppendRequestVerificationToken()

    Just a thought.
Back to Top