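/**
 * csrf
 *
 * jQuery helpers that attach the page's anti-forgery token to AJAX requests.
 *
 * NOTE(review): identifiers and the token field name keep the casing shown in
 * this listing. ASP.NET's default anti-forgery field is
 * "__RequestVerificationToken", and attribute selectors compare `name`
 * case-sensitively, so confirm the casing against the rendered form.
 */
/*global jQuery: false */
(function ($) {
    var __requestverificationtoken = '__requestverificationtoken';
    var tokenInputSelector = 'input[name="' + __requestverificationtoken + '"]';

    // IE8 compatibility: Array.isArray does not exist there.
    if (!Array.isArray) {
        Array.isArray = function (arg) {
            return Object.prototype.toString.call(arg) === '[object Array]';
        };
    }

    /**
     * $.post wrapper that adds the anti-forgery token to `data` (CSRF protection).
     * Takes the same arguments as $.post and returns what $.post returns.
     */
    $.postpreventcsrf = function (url, data, success, datatype) {
        return $.post(url, addToken(data), success, datatype);
    };

    /**
     * $.ajax wrapper that forces a POST and adds the anti-forgery token to
     * `options.data` (CSRF protection). Returns what $.ajax returns.
     */
    $.ajaxpreventcsrf = function (options) {
        // Work on a shallow copy so the caller's options object is not modified.
        var settings = $.extend({}, options);
        settings.type = 'post';
        settings.data = addToken(settings.data);
        return $.ajax(settings);
    };

    // Default request used to load a fresh anti-forgery field from the server.
    var csrfoptions = {
        url: '/ajax/ajaxpartial',
        type: 'get',
        // Synchronous on purpose: getToken() looks the field up in the DOM
        // immediately after $.refreshcsrf() returns. Synchronous XHR blocks the
        // page while the request is in flight.
        async: false,
        data: { partialviewname: "表单防伪标记" },
        success: applyRefreshedToken
    };

    /**
     * Loads the anti-forgery field via $.ajax.
     * Uses `csrfoptions` when no options are given; caller-supplied options
     * replace the defaults entirely (including the success handler).
     */
    $.refreshcsrf = function (options) {
        return $.ajax(options || csrfoptions);
    };

    // Assign through window explicitly (no implicit global) and keep any
    // members another script already registered on pe / pe.security.
    var pe = window.pe = window.pe || {};
    pe.security = pe.security || {};
    pe.security.csrf = {
        /**
         * Returns "<field name>=<token value>", or '' when no token is available.
         * The value is returned as stored, without URL-encoding.
         * NOTE(review): how callers use this string is not visible here. A
         * token placed in a URL can end up in server logs and Referer headers;
         * the request body or a header is the safer place for it.
         */
        getrequestverificationtoken: function () {
            var $token = getToken();
            if (!$token) {
                return '';
            }
            return __requestverificationtoken + '=' + $token.val();
        },

        /** Returns the token value only, or '' when no token is available. */
        getrequestverificationtokenvalue: function () {
            var $token = getToken();
            return $token ? $token.val() : '';
        }
    };

    /**
     * Reports whether a form-encoded string already has a field whose name is
     * the token field name (compared case-insensitively). Only field names are
     * inspected, so the token name occurring inside a field value does not count.
     */
    function serializedDataHasToken(serialized) {
        var wanted = __requestverificationtoken.toLowerCase();
        var pairs = serialized.split('&');
        for (var i = 0; i < pairs.length; i++) {
            var rawKey = pairs[i].split('=')[0].replace(/\+/g, ' ');
            var key;
            try {
                key = decodeURIComponent(rawKey);
            } catch (e) {
                // Malformed percent-encoding: compare the raw text instead.
                key = rawKey;
            }
            if (key.toLowerCase() === wanted) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns `data` with the anti-forgery token added, unless it already
     * carries one or no token can be found on the page.
     *
     * Handles the shapes jQuery accepts as request data:
     *  - array of {name, value} pairs (as from serializeArray): the token is
     *    pushed onto the same array;
     *  - form-encoded string: the token is appended, URL-encoded;
     *  - FormData: the token is appended to the same object;
     *  - plain object: a new object is returned and a token already present
     *    in `data` wins over the page token.
     * Any other value is returned unchanged.
     */
    function addToken(data) {
        data = data || {};
        var $token = getToken();
        if (!$token) {
            return data;
        }
        var tokenValue = $token.val();

        if (Array.isArray(data)) {
            var wanted = __requestverificationtoken.toLowerCase();
            var hasToken = false;
            $.each(data, function (index, field) {
                // Skip entries that are not {name: string, ...} instead of throwing.
                if (field && typeof field.name === 'string' && field.name.toLowerCase() === wanted) {
                    hasToken = true;
                    return false; // stop iterating
                }
            });
            if (!hasToken) {
                data.push({ name: __requestverificationtoken, value: tokenValue });
            }
            return data;
        }

        if (typeof data === 'string') {
            if (serializedDataHasToken(data)) {
                return data;
            }
            // Encode the value so characters such as "+", "/" or "=" survive
            // form decoding on the server.
            return data + '&' + __requestverificationtoken + '=' + encodeURIComponent(tokenValue);
        }

        if (window.FormData && data instanceof window.FormData) {
            // $.extend would discard the FormData payload, so append in place.
            if (typeof data.has !== 'function' || !data.has(__requestverificationtoken)) {
                data.append(__requestverificationtoken, tokenValue);
            }
            return data;
        }

        if (typeof data === 'object') {
            var tokenField = {};
            tokenField[__requestverificationtoken] = tokenValue;
            return $.extend({}, tokenField, data);
        }

        return data;
    }

    /**
     * Locates the anti-forgery input and returns it as a non-empty jQuery
     * object, or null when none can be found.
     *
     * Lookup order:
     *  1. the selector stored in a [data-power-anti_forgery_token_input] attribute;
     *  2. the token input already in the document;
     *  3. the token input after a synchronous $.refreshcsrf().
     */
    function getToken() {
        var $container = $('[data-power-anti_forgery_token_input]');
        if ($container.length) {
            var selector = $container.data('power-anti_forgery_token_input');
            if (typeof selector === 'string' && selector) {
                // .find() always treats its argument as a selector, whereas
                // $(string) parses a value starting with "<" as HTML.
                var $custom = $(document).find(selector);
                if ($custom.length) {
                    return $custom;
                }
            }
            // The configured selector matched nothing: fall back to the default
            // lookup rather than returning an empty set whose .val() is undefined.
        }

        var $token = $(tokenInputSelector);
        if ($token.length) {
            return $token;
        }

        $.refreshcsrf();
        $token = $(tokenInputSelector);
        if ($token.length) {
            return $token;
        }

        // console is not always defined in IE8, so guard the call.
        if (window.console && typeof console.error === 'function') {
            console.error("所需的防伪表单字段“__requestverificationtoken”不存在!请确保表单中包含@html.antiforgerytoken()。");
        }
        return null;
    }

    /**
     * Success handler for the default refresh request: copies the new token
     * value into every token input on the page, or appends the returned markup
     * to <body> when the page has no token input yet.
     *
     * NOTE(review): data.html is parsed, and possibly inserted, as markup, so
     * the endpoint's response must be entirely server-generated; confirm that
     * it never reflects request input.
     */
    function applyRefreshedToken(data) {
        if (!data || !data.html) {
            return; // nothing usable in the response
        }
        var csrfValue = $(data.html).val();
        var $inputs = $(tokenInputSelector);
        if ($inputs.length > 0) {
            $inputs.val(csrfValue);
        } else {
            $('body').append(data.html);
        }
    }
})(jQuery);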