javascript - How to handle X-CSRF-Token for jQuery POST in UI5? -

i want use jquery post method call xsjs service modifications in database.my xsaccess file prevents xsrf, need handle in controller method.

below controller code-

    var obj= {};           obj.name= "john";           obj.age= "abc@xyz.com";           obj.loc= "minnesota";      jquery.ajax({             url: "servicetest.xsjs",             type: "get",             data: json.stringify(obj),             beforesend: function(xhr) {                 xhr.setrequestheader("x-csrf-token", "fetch");             },             success: function(responsetoken, textstatus, xmlhttprequest) {         var token = xmlhttprequest.getresponseheader('x-csrf-token');                          console.log("token = " +token);                 jquery.ajax({                     url: "servicetest.xsjs",                     type: "post",                     data: json.stringify(obj),                     beforesend: function(xhr) {                         xhr.setrequestheader("x-csrf-token", token);                     },                     success : function(response) {                          // called once xsjs file sends                               response                          console.log(response);                       },                      error : function(e) {                          // called in case of errors:                          var errmsg = e.responsetext                          console.log(e);                       }                 });             },

and here xsjs code-

    var csrf_token = $.request.headers.get("x-csrf-token");     if(csrf_token === "fetch") {     var content = $.request.body.asstring();     var args = $.parsejson(content);      var xsname= args.name;     var xsemail= args.email;     var xsloc= args.loc;    //then execute dml statement  passing these 3 parameters arguments.     catch (error) {             $.response.setbody(content);                $.response.status = $.net.http.internal_server_error;        }

i not able update , getting error err 500 - internal server error. suggestions extremely helpful

edit:

if forgot token got 403 access denied error ("csrf token validation failed") , not 500 internal. think wrong services

you can add x-csrf-token header of post request setup ajax requests before fire post.

$.ajaxsetup({     headers: {         'x-csrf-token': token     } });  jquery.ajax({                 url: "servicetest.xsjs",                 type: "post",                 data: json.stringify(obj),                 beforesend: function(xhr) {

otherwise add each post request.

jquery.ajax({                 url: "servicetest.xsjs",                 type: "post",                 data: json.stringify(obj),                 headers: {                    'x-csrf-token': token                 },                 beforesend: function(xhr) {

your way using beforesend event should work too.

Search This Blog

Today

javascript - How to handle X-CSRF-Token for jQuery POST in UI5? -

Comments

Post a Comment

Popular posts from this blog

java - Jasper subreport showing only one entry from the JSON data source when embedded in the Title band -

serialization - Convert Any type in scala to Array[Byte] and back -

SonarQube Plugin for Jenkins does not find SonarQube Scanner executable -