Question

41

How to include the CSRF token in the headers in Dropzone upload request?

rated 0 times [ 43] [ 2] / answers: 1 / hits: 80661 / 9 Years ago, sun, may 10, 2015, 12:00:00

I am working on a single page application and I am using Laravel 5 for the web service.

All forms are submitted asynchronously and I use a beforeSend on them to attach the CSRF token which I take from the meta tag like so:

$.ajax({

    url: '/whatever/route',

    type: 'POST',

    dataType: 'JSON',

    data: $('form#whatever-form').serialize(),

    beforeSend: function(request) {

        return request.setRequestHeader('X-CSRF-Token', $(meta[name='token']).attr('content'));

    },

    success: function(response){

        rivets.bind($('#whateverTag'), {whateverData: response});

    },

    error: function(response){

    }

});

All my forms work fine but dropzone upload doesn't. It gives me back a TokenMismatchException exception. Here is my dropzone code to update the profile photo:

$(#mydropzone).dropzone({

    url: /profile/update-photo,

    addRemoveLinks : true,

    maxFilesize: 5,

    dictDefaultMessage: '<span class=text-center><span class=font-lg visible-xs-block visible-sm-block visible-lg-block><span class=font-lg><i class=fa fa-caret-right text-danger></i> Drop files <span class=font-xs>to upload</span></span><span>&nbsp&nbsp<h4 class=display-inline> (Or Click)</h4></span>',

    dictResponseError: 'Error uploading file!'

});

I have tried putting the beforeSend in here too:

$(#mydropzone).dropzone({

    url: /profile/update-photo,

    addRemoveLinks : true,

    maxFilesize: 5,

    dictDefaultMessage: '<span class=text-center><span class=font-lg visible-xs-block visible-sm-block visible-lg-block><span class=font-lg><i class=fa fa-caret-right text-danger></i> Drop files <span class=font-xs>to upload</span></span><span>&nbsp&nbsp<h4 class=display-inline> (Or Click)</h4></span>',

    dictResponseError: 'Error uploading file!',

    beforeSend: function(request) {

        return request.setRequestHeader('X-CSRF-Token', $(meta[name='token']).attr('content'));

    },

});

I have also tried to put a global ajaxSetup in my main file like so:

$.ajaxSetup({

    headers: {

        'X-CSRF-TOKEN': $('meta[name=token]').attr('content')

    }

});

It is still not working. What am I doing wrong? How can I pass the CSRF token in the header with the dropzone upload so as to not a get an exception?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

zoiel

Add To Favorites

Follow

Total Points: 692

Total Questions: 90

Total Answers: 89

Location: Rwanda

Member since Thu, Feb 10, 2022

2 Years ago

zoiel questions

1 How to scroll to a component from another component in React?

Sat, Feb 26, 22, 00:00, 2 Years ago

1 findOneAndUpdate nested object in array

Mon, Jun 10, 19, 00:00, 5 Years ago

1 AWS Lambda NodeJs unable to return response

Thu, Mar 21, 19, 00:00, 5 Years ago

1 Dynamic change of cell color with Ag Grid

Wed, Mar 13, 19, 00:00, 5 Years ago

1 How to access values from React Select and pass them to Formik values on Submit?

Fri, Feb 8, 19, 00:00, 5 Years ago

View All

answered 9 Years ago anjelicadixied · Accepted Answer

Okay so this code is working just fine now:

$(#mydropzone).dropzone({

    url: /profile/update-photo,

    addRemoveLinks : true,

    maxFilesize: 5,

    dictDefaultMessage: '<span class=text-center><span class=font-lg visible-xs-block visible-sm-block visible-lg-block><span class=font-lg><i class=fa fa-caret-right text-danger></i> Drop files <span class=font-xs>to upload</span></span><span>&nbsp&nbsp<h4 class=display-inline> (Or Click)</h4></span>',

    dictResponseError: 'Error uploading file!',

    headers: {

        'X-CSRF-TOKEN': $('meta[name=token]').attr('content')

    }

});

So basically I needed to add the X-CSRFToken in the header of the Dropzone request. Works like charm now.