This will show you the headers which will probably be needed for a request.
-
-
-
⬇️ Result | Source ➡️
@inherits Custom.Hybrid.Razor14
@* Make sure anonymous users have the 2sxc JS API *@
@Kit.Page.Activate("2sxc.JsCore")
<button type="button" class="btn btn-primary" onclick="showHeaders(this)">Default headers</button>
<button type="button" class="btn btn-primary" onclick="showHeaders(this, 'GET')">Headers for GET</button>
<button type="button" class="btn btn-primary" onclick="showHeaders(this, 'POST')">...for POST</button>
<button type="button" class="btn btn-primary" onclick="showHeaders(this, 'PUT')">...for PUT</button>
<script>
function showHeaders(moduleContext, optionalVerb) {
var headers = $2sxc(moduleContext).webApi.headers(optionalVerb);
alert('These are the headers used if the verb is "' + (optionalVerb ?? '') + '":\n'
+ JSON.stringify(headers, null, 2));
}
</script>
Source Code of VerifiedController.cs
// Add namespaces for security check in Oqtane & DNN despite differences in .net core/.net Framework
// If you only target one platform, you can remove the parts you don't need
#if NETCOREAPP
using Microsoft.AspNetCore.Authorization; // .net core [AllowAnonymous] & [Authorize]
using Microsoft.AspNetCore.Mvc; // .net core [HttpGet] / [HttpPost] etc.
#else
using System.Web.Http; // .net 4.5 [AllowAnonymous] / [HttpGet]
using DotNetNuke.Web.Api; // [DnnModuleAuthorize] & [ValidateAntiForgeryToken]
#endif
[AllowAnonymous] // all commands can be accessed without a login
[ValidateAntiForgeryToken] // protects API from users not on your site (CSRF protection)
public class VerifiedController : Custom.Hybrid.Api14 // see https://r.2sxc.org/CustomWebApi
{
[HttpGet] // [HttpGet] says we're listening to GET requests
public string Hello()
{
return "Hello from the controller with ValidateAntiForgeryToken in /api";
}
}
// The next line is for 2sxc-internal quality checks, you can ignore this
// 2sxclint:disable:no-dnn-namespaces - 2sxclint:disable:no-web-namespace
Note about Hybrid APIs
These examples are all done to work in both Dnn ☢️ and Oqtane 💧. Because of this, the Api Controller have special conditional statements like #if NETCOREAPP
which uses different namespaces in .net core and .net Framework.
If you only target Dnn or Oqtane, you can remove the lines you don't need. See See how to use #if