Dear all,
We have Problem in the send post ajax from DevExpress GridView into ASPzero control ,when click on New, Edit or Delete
the below error appears
Bad Request - 400 Empty or invalid anti forgery header
- We are using ASPzero as framework <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/issues/2222">https://github.com/aspnetboilerplate/as ... ssues/2222</a>
settings.Name = "grdAccCategoriesPartial" settings.CallbackRouteValues = new { Controller = "Home", Action = "grdAccCategoriesPartial" } settings.SettingsEditing.AddNewRowRouteValues = new { Controller = "Home", Action = "grdAccCategoriesPartialAddNew" } settings.SettingsEditing.UpdateRowRouteValues = new { Controller = "Home", Action = "grdAccCategoriesPartialUpdate" } settings.SettingsEditing.DeleteRowRouteValues = new { Controller = "Home", Action = "grdAccCategoriesPartialDelete" } settings.KeyFieldName = "Id"
1 Answer(s)
-
0
Hi @Reyada,
I think DevExpress does not send anti forgery token to server. You need to intercept DevExpress's ajax request and add "X-XSRF-TOKEN" token to request headers. You can get it's value using "abp.security.antiForgery.getToken()" on the client side.
As far as I remember, this ajax interception option can be done in a single point in DevExpress. You can find it in DevExpress documents.
Thanks.
