diff --git a/src/MusicStore/Controllers/ShoppingCartController.cs b/src/MusicStore/Controllers/ShoppingCartController.cs
index 2a7dc58733..c35a019180 100644
--- a/src/MusicStore/Controllers/ShoppingCartController.cs
+++ b/src/MusicStore/Controllers/ShoppingCartController.cs
@@ -2,7 +2,6 @@ using System.Threading;
 using System.Threading.Tasks;
 using Microsoft.AspNet.Mvc;
-using Microsoft.Framework.DependencyInjection;
 using MusicStore.Models;
 using MusicStore.ViewModels;
@@ -13,6 +12,9 @@ namespace MusicStore.Controllers
 [FromServices]
 public MusicStoreContext DbContext { get; set; }
+ [FromServices]
+ public AntiForgery AntiForgery { get; set; }
+
 //
 // GET: /ShoppingCart/
 public async Task Index()
@@ -55,15 +57,14 @@ namespace MusicStore.Controllers
 [HttpPost]
 public async Task RemoveFromCart(int id, CancellationToken requestAborted)
 {
- var formParameters = await Context.Request.ReadFormAsync();
- var requestVerification = formParameters["RequestVerificationToken"];
- string cookieToken = null;
- string formToken = null;
+ var cookieToken = string.Empty;
+ string formToken = string.Empty;
+ string[] tokenHeaders = null;
+ string[] tokens = null;
- if (!string.IsNullOrWhiteSpace(requestVerification))
+ if (Context.Request.Headers.TryGetValue("RequestVerificationToken", out tokenHeaders))
 {
- var tokens = requestVerification.Split(':');
-
+ tokens = tokenHeaders.First().Split(':');
 if (tokens != null && tokens.Length == 2)
 {
 cookieToken = tokens[0];
@@ -71,8 +72,7 @@ namespace MusicStore.Controllers
 }
 }
- var antiForgery = Context.RequestServices.GetService();
- antiForgery.Validate(Context, new AntiForgeryTokenSet(formToken, cookieToken));
+ AntiForgery.Validate(Context, new AntiForgeryTokenSet(formToken, cookieToken));
 // Retrieve the current user's shopping cart
 var cart = ShoppingCart.GetCart(DbContext, Context);
diff --git a/src/MusicStore/Views/ShoppingCart/Index.cshtml b/src/MusicStore/Views/ShoppingCart/Index.cshtml
index 4f42fda07d..1a9b89c460 100644
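Review bot: `tokenHeaders.First()` in the `TryGetValue` branch throws `InvalidOperationException` when the header is present but its value array is empty, so a malformed request surfaces as a server error instead of the anti-forgery failure that `AntiForgery.Validate` would otherwise produce; `tokens = (tokenHeaders.FirstOrDefault() ?? string.Empty).Split(':');` keeps the split from faulting, and once it is in place the `tokens != null` test on the following line is redundant because `Split` never returns null. The literal `"RequestVerificationToken"` now has to match the header name the view sends in the Index.cshtml hunk below; a shared constant would keep the two from drifting apart, since a mismatch leaves both tokens empty and (presumably) makes every remove request fail validation. Minor style point: `var cookieToken = string.Empty;` and `string formToken = string.Empty;` declare two identical initialisations in two different forms. RemoveFromCart's body continues past the hunk.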
--- a/src/MusicStore/Views/ShoppingCart/Index.cshtml
+++ b/src/MusicStore/Views/ShoppingCart/Index.cshtml
@@ -24,20 +24,26 @@
 if (recordToDelete != '') {
 // Perform the ajax post
- $.post(PostToUrl, { "id": recordToDelete, "RequestVerificationToken": '@GetAntiXsrfToken()' },
- function (data) {
- // Successful requests get here
- // Update the page elements
- if (data.ItemCount == 0) {
- $('#row-' + data.DeleteId).fadeOut('slow');
- } else {
- $('#item-count-' + data.DeleteId).text(data.ItemCount);
- }
+ $.ajax(PostToUrl, {
+ type: "post",
+ data: { "id": recordToDelete },
+ dataType: "json",
+ headers: {
+ "RequestVerificationToken": '@GetAntiXsrfToken()'
+ }
+ }).done(function (data) {
+ // Successful requests get here
+ // Update the page elements
+ if (data.ItemCount == 0) {
+ $('#row-' + data.DeleteId).fadeOut('slow');
+ } else {
+ $('#item-count-' + data.DeleteId).text(data.ItemCount);
+ }
- $('#cart-total').text(data.CartTotal);
- $('#update-message').text(data.Message);
- $('#cart-status').text('Cart (' + data.CartCount + ')');
- });
+ $('#cart-total').text(data.CartTotal);
+ $('#update-message').text(data.Message);
+ $('#cart-status').text('Cart (' + data.CartCount + ')');
+ });
 }
 });
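Review bot: The new `$.ajax(...).done(...)` chain registers no failure handler, so when the server rejects the post — for instance because the RequestVerificationToken header fails anti-forgery validation in the controller hunk above — the row stays on the page and `#update-message` is never updated, leaving the user with no indication that the remove did not happen. Appending `.fail(function () { $('#update-message').text('The item could not be removed.'); })` after the `.done(...)` call (message text is a placeholder to adjust) would surface the rejection. The `recordToDelete` check and the enclosing click handler start before the hunk.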