I need to pass CSRFToken with Ajax based post request but not sure how this can done in a best way.
Using a platform which internally checking CSRFToken in request (POST request only)
initially I was thinking to add it to header like
$(function() {
$.ajaxSetup({
headers : {
'CSRFToken' : getCSRFTokenValue()
}
});
});
Which will make it available to each Ajax request, but it will not work for my case, since in request CSRFToken is still coming as null.
Is there any way I can set CSRFToken for all Ajax call dealing with POST type
Edit If I do something like this in my Ajax call
data: {"newsletter-subscription-email" : "XXX" , 'CSRFToken': getCSRFTokenValue()},
Everything is working fine.
My Issue is, I want to pass CSRFToken value as a request parameter and not as a request header
How about this,
$("body").bind("ajaxSend", function(elm, xhr, s){
if (s.type == "POST") {
xhr.setRequestHeader('X-CSRF-Token', getCSRFTokenValue());
}
});
Ref: http://erlend.oftedal.no/blog/?blogid=118
To pass CSRF as parameter,
$.ajax({
type: "POST",
url: "file",
data: { CSRF: getCSRFTokenValue()}
})
.done(function( msg ) {
alert( "Data: " + msg );
});