Hi,
In Infragistics grid components, can we configure them to use tokens for resolving the JavaScript / JSON Hijacking issue.
Like in the below example, we are calling the MVC controller method to get the data. Is there a way to secure this call to resolve the client scripting hijacking with passing the tokens. Do we have in-built functionality in Infragistics grid components to achieve this.
$('#Grid1').igGrid({dataSource: "Controller1/GetSampleData?id=123",responseDataKey: 'data'etc....})
MVC controller Code
[HttpGet] public ActionResult GetSampleData(string id){ .... }
Thanks
Vijay
Hello Vijay,
In the igGrid there is no built-in functionality for passing tokens to secure the data transfer. It can be achieved with the built-in MVC features. On the following link you can find more information on how to do that - http://stackoverflow.com/questions/4074199/jquery-ajax-calls-and-the-html-antiforgerytoken .
Please feel free to contact me if you have further questions.
Regards,Ivaylo HubenovEntry-level developer
Thank you Ivaylo Hubenov for the prompt response. I would like to ask one more question.
We are just passing the controller action with parameters to igGrid as Datasource to get the data from Server and bind the data to grid and render it in the page. Is there a way whether we can add any Request headers in the HttpContext while making call to the controller action. I know which we can do it thru $.setRequestHeader("",""). I am seeking help when igGrid makes to call to the controller action method to pass the additional data in the Http headers.
Request headers cannot be added in the HttpContext via the igGrid. However, it could be achieved using Ajax global events (it should work with the beforeSend event).
Please feel free to contact me if you have further questions, regarding this matter.