C# MVC1-5 AntiForgeryToken with pure JavaScript XMLHttpRequest not JQUERY ajax

  • Thread starter Thread starter Zammel The Sacred Code
  • Start date Start date
Z

Zammel The Sacred Code

Guest
I'm looking to code ajax call in pure JavaScript please? Note: Not looking for MVC Core 1+

Below Code works in JQUERY


var sMVCParameter1 = "1";
var sMVCParameter2 = "2";
var sToken = document.getElementsByName("__RequestVerificationToken")[0].value;
$.ajax({
url: "/Home/ClickCreateAccount/",
type: "POST",
contentType: "application/x-www-form-urlencoded",
data: { '__RequestVerificationToken': sToken, 'sMVCParameter1': sMVCParameter1, 'sMVCParameter2': sMVCParameter2 }
})
.done(function (data) {
//Process MVC Data here
})
.fail(function (jqXHR, textStatus, errorThrown) {
//Process Failure here
});



What I have tried:

==========================================================
The JavaScript Might Look like this
==========================================================

<script type="text/javascript">
function Test_JS_Ajax() {

var sToken = document.getElementsByName("__RequestVerificationToken")[0].value;

var xmlHttp;
//Let us create the XML http object
xmlHttp = null;

if (window.XMLHttpRequest) {
//for new browsers
xmlHttp = new XMLHttpRequest();
}
else if (window.ActiveXObject) {
var strName = "Msxml2.XMLHTTP"
if (navigator.appVersion.indexOf("MSIE 5.5") >= 0) {
strName = "Microsoft.XMLHTTP"
}
try {
xmlHttp = new ActiveXObject(strName);
}
catch (e) {
alert("Error. Scripting for ActiveX might be disabled")
return false;
}
}

if (xmlHttp != null) {
//Handle the response of this async request we just made(subscribe to callback)
xmlHttp.onreadystatechange = function () {
if (xmlHttp.readyState == 4 && xmlHttp.status == 200) {
var data = JSON.parse(xmlHttp.responseText);
alert(data);
}
}
xmlHttp.onerror = function () {
//Not Connected
}
//Pass the value to a web page on server as query string using XMLHttpObject.


//VERSION 1 TESTED FAILED
//xmlHttp.open("GET", "/Home/Test/?sString1=" + "1", true);
//xmlHttp.setRequestHeader("__RequestVerificationToken", sToken);
//xmlHttp.send();

//VERSION 2 TESTED FAILED
//xmlHttp.open("GET", "/Home/Test/", true);
//xmlHttp.setRequestHeader("Content-type", "application/json");
//xmlHttp.setRequestHeader("__RequestVerificationToken", sToken);
//xmlHttp.send(JSON.stringify({ "sString1": "1" }));

//VERSION 3 TESTED FAILED
//xmlHttp.open("GET", "/Home/Test/", true);
//xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
//xmlHttp.setRequestHeader("__RequestVerificationToken", sToken);
//xmlHttp.send(JSON.stringify({ "sString1": "1" }));

//VERSION 4 TESTED FAILED
xmlHttp.open("GET", "/Home/Test/", true);
xmlHttp.setRequestHeader("__RequestVerificationToken", sToken);
xmlHttp.send(JSON.stringify({ "sString1": "1" }));
}
else {
//Browser not supported! Please update your browser!
}
}

</script>


C# Code looks like

[ValidateAntiForgeryToken]
public JsonResult Test(string sString1)
{
return Json("T", JsonRequestBehavior.AllowGet);
}

CShtml View
Hide Copy Code


<body onload="Test_JS_Ajax()">

@Html.AntiForgeryToken()


Continue reading...
 
Back
Top