在MVC上添加所需的防伪字段Ajax请求

Question

我试图在我的MVC应用上做一个ajax post请求，只需将表单数据发布到服务器。

，但我总是得到这个错误：

所需的防伪型窗体域“__RequestVerificationToken”不存在。

这是我Ajax请求代码：

var reservationID = document.getElementById('ReservationID').value; 
var arrival = document.getElementById('Arrival').value; 
var departure = document.getElementById('Departure').value; 
var noofrooms = document.getElementById('NoOfRooms').value; 
var guestid = document.getElementById('GuestID').value; 
var rateid = document.getElementById('RateID').value; 
var agencyid = document.getElementById('AgencyID').value; 
var sourceid = document.getElementById('SourceID').value; 
var reservationtype = document.getElementById('ReservationType').value; 
var reservation = { ReservationID: reservationID, Arrival: arrival, Departure: departure, NoOfRooms: noofrooms, GuestID: guestid, RateID: rateid, AgencyID: agencyid, SourceID: sourceid, ReservationTypeID: reservationtype };  
var url = '/Reservations/Create'; 

$.ajax({ 
    url: url,    
    type: "POST", 
    data : reservation, 
    contentType: "application/json; charset=utf-8", 
    success: function(data, textStatus, jqXHR) { 
     alert('success'); 
    }, 
    error: function (jqXHR, textStatus, errorThrown) { 
    } 
}); 

如何添加我的AJAX这个防伪领域？

Answer 1

对我来说这sollution工作：

<script> 
@functions{ 
    public string TokenHeaderValue() 
    { 
     string cookieToken, formToken; 
     AntiForgery.GetTokens(null, out cookieToken, out formToken); 
     return cookieToken + ":" + formToken;     
    } 
} 

$.ajax("api/values", { 
    type: "post", 
    contentType: "application/json", 
    data: { }, // JSON data goes here 
    dataType: "json", 
    headers: { 
     'RequestVerificationToken': '@TokenHeaderValue()' 
    } 
}); 
</script> 

摘自： Preventing Cross-Site Request Forgery (CSRF) Attacks in ASP.NET Web API