Why ngx-uploader doesn't like to cooperate with .net core 2.x?
2024-08-28 06:50:22
The POST action seems to have no effect on the .net core controller.
If you put [IgnoreAntiforgeryToken] attribute on the server controller method, it works. But dont' leave it like that exposing vulnerability.
Turns out, Angular uses a particular header name "X-XSRF-TOKEN" to store token for the server to accept: https://docs.microsoft.com/en-us/aspnet/core/security/anti-request-forgery?view=aspnetcore-2.1#angularjs
The following client code snippet in the Angular 6 component works. It's just part of ngx-uploader sample code. Only to note the headers line.
const event: UploadInput = {
type: 'uploadAll',
url: this.UPLOAD_API_URL + '?guid=' + this.guid,
method: 'POST',
headers: {'X-XSRF-TOKEN': this._cookieService.get("XSRF-TOKEN")},
withCredentials: true,
data: { foo: 'bar' }
};
_cookieService is an injected service using ngx-cookie. You may use any cookie tool.
最新文章
- 如何在 TFS 中使用 Git
- AnguarJS 第二天----数据绑定
- 可扩容分布式session方案
- jquery.uploadify上传文件配置详解(asp.net mvc)
- IOCP简单实现
- ASP.net 的URL路由选择(System.Web.Routing.dll)
- POI-处理大Excel文件(xls)
- VLAN的三种类型及三种属性
- [Spark性能调优] 第一章:性能调优的本质、Spark资源使用原理和调优要点分析
- librdkafka安装和php扩展php-rdkafka安装
- PTA——四舍五入
- SQL记录-PLSQL事务
- JAVA NIO学习记录1-buffer和channel
- [翻译] OCMaskedTextField
- 【vue】vue项目引入 Element-UI
- [3] 球(Sphere)图形的生成算法
- Zynq-7000 FreeRTOS(二)中断:PL中断请求
- CMWAP上网补丁描述文件!!支持ios9
- 541. Reverse String II 指定翻转前k个的字符串
- Oracle给Select结果集加锁,Skip Locked(跳过加锁行获得可以加锁的结果集)
热门文章
- java SSM 解决跨域问题
- Everything at Once
- Java 多线程 sleep方法与wait方法的区别
- 给出两个单词word1和word2,写一个函数计算出将word1 转换为word2的最少操作次数。
- jmeter基本组成原件介绍
- Jmeter学习系列----1 环境搭建
- 匿名函数function前面的! ~等符号作用小解
- 关于“svn: Can't connect to host '*.*.*.*': 由于连接方在一段时间后没有正确答复或连接”的解决方法
- C++中的Public 、Private、Protected 区别
- 微信小程序里如何用阿里云上传视频,图片。。