Develop Reference

CSRF token not working in a Laravel ajax call

I've checked the gizillion answers to this question and for some reason I can't get this to work.
I get the error:
401 (Unauthorized)
My route is an api route guarded.
My data:
let ajaxMainTemplate = {
'mainTemplate': mainTemplate,
'templateId': templateId,
'_token': accessToken,
}
My ajax call:
$.ajax({
type: 'POST',
url:`../api/aiMainTemplate/${ajaxData.templateId}`,
data: {
_token: ajaxData._token,
ajaxData
},
success: function(response) {
console.log(response)
}
})
I've tried the above to test based on another response. I put the token outside of the ajaxData object. I get the same error. I've also attempted:
$.ajax({
type: 'POST',
url:`../api/aiMainTemplate/${ajaxData.templateId}`,
headers: { 'X-CSRF-TOKEN': ajaxData._token },
data: ajaxData,
success: function(response) {
console.log(response)
}
})
Same.
I've also confirmed the token is there by adding a console.log Any ideas what I'm doing wrong with this?

My url was behind the api protected route so I had to do an ajax call to login into it via ajax.
The credentials are in a variable ajaxData.
$.ajax({
type: 'POST',
url: 'http://127.0.0.1:8000/api/login',
data: ajaxData,
success: function(response) {
shopifyToken = response.success.token;
getListProducts(shopifyToken);
}
});
With the shopify token generated from this login it worked.

Laravel Authentication with Passport,how send token Bearer in ajax header inside laravel project

I can get response from RESTful api when using Postman with Authorization Bearer + token.
But How can I send request with token in ajax (i made it inside my laravel project).

$.ajax({
url: "url",
headers: {
'Authorization': authorizationToken,
},
type: "post",
data: data,
async: false,
cache: false,
contentType: false,
enctype: 'multipart/form-data',
processData: false,
success: function (data) {
},
error: function (data, status, error) {
}
});

$.ajaxSetup({
headers: {
"X-CSRF-TOKEN":$('meta[name="csrf-token"]').attractive('content')
"Authorization":"Bearer"+localStorage.getItem('token')
}
});

Sencha ExtJS. Cannot send POST request on cross-domain with Ext.Ajax.request

I have backend with POST functionality (so JSONP is not working).
Backend sends Access-Control-Allow-Origin: * correctly (jQuery.ajax works successfully).
But I cannot send request using Ext.Ajax.request
Ext.Ajax.request({
url: 'http://myurl',
method: 'POST',
cors: true,
success: function () {
alert('success');
},
failure: function () {
alert('failure');
}
});
In debug console I see OPTIONS method
Where is my mistake?
Ext.getVersion()
version: "5.0.1.1255"

I think you will have to set useDefaultXhrHeader to false also in your ajax request,like below.
Ext.Ajax.request({
url: 'http://myurl',
method: 'POST',
cors: true,
useDefaultXhrHeader : false,
success: function () {
alert('success');
},
failure: function () {
alert('failure');
}
});

Extjs 4.2: How to send parameters properly in a Ext.Ajax.Request POST

I have to do a POST from my ExtJs script in order to delete something from my DB:
Ext.Ajax.request({
url: 'deleteRole.html',
method: 'POST',
headers: {'Content-Type': 'text/html'},
waitTitle: 'Connecting',
waitMsg: 'Sending data...',
params: {
"rolename" : rolename
},
scope:this,
success: received,
failure: function(){console.log('failure');}
});
when the post is sent i can see in the firebug the rolename in font but not as a param. I would like to show you another post (made with spring:form) relative to the user registration. If i inspect the post i can see the following:
(source: subirimagenes.com)
And i can get the parameters in my controller using #RequestParam.
But in the post that i have problems i can't see the parameters part, i can only see the Font(Fuente) part:
(source: subirimagenes.com)
As a consequence, my spring controller does not detect any parameter. Is it something wrong in my POST?
Thank you

The problem is that you are using the line headers: {'Content-Type': 'text/html'}, in your original question. This would set the content to text/html instead of the content being post data.

I solved it with the following code:
var rolename = 'myRol';
Ext.Ajax.request({
url: 'deleteRole.html',
method: 'POST',
params: {
rolename: rolename
},
success: received,
failure: function(){console.log('failure');}
});

I'm using this in a Sencha Touch app. I had to add an extra config called jsonData and make it true or else nothing is passed to my endpoint url.
Ext.Ajax.request({
url: endpoint,
method : "POST",
headers: {
'Content-Type': 'application/json'
},
params : {add: formattedAddress, lat: latitude},
jsonData: true,
useDefaultXhrHeader : false,
withCredentials: true,
success : function(response) {
Ext.Msg.alert("Success", 'yea');
},
failure : function(response) {
var respObj = Ext.JSON.decode(response.responseText);
Ext.Msg.alert("Error", respObj.status.statusMessage);
}
});

Basecamp API Request results in Access-Control-Allow-Origin Error

I am trying to perform an AJAX request from a Chrome Extension to Basecamp to authenticate in so I can pull tasks. I have added https://site.basecamphq.com to the permissions in manifest.json. However, when this function is executed, I get this in my console:
XMLHttpRequest cannot load https://site.basecamphq.com. Origin chrome-extension://0123456789 is not allowed by Access-Control-Allow-Origin
$("#login").click(function()
{
$.ajax({
type: "GET",
dataType: 'html',
url: "https://site.basecamphq.com",
username: "username",
password: "X",
success: function(data){
$("#example").append(data);
}
});
});
I have added https://*/ to my manifest.json permissions as well, but no luck.

You need to use background page for doing AJAX requests from a content script.
Background page code:
chrome.extension.onRequest.addListener(function(request, sender, callback) {
$.ajax({
type: "GET",
dataType: 'html',
url: request.url,
username: "username",
password: "X",
success: callback
});
});
Content script code:
chrome.extension.sendRequest({'url': 'https://site.basecamphq.com'}, function(data) {
$("#example").append(data);
});