[英]rails 3 CSRF token changes just before the POST request
Rails 3 , Backbone.js app. Rails 3,Backbone.js应用程序。
The CSRF token does not change until a POST form is submitted. 在提交POST表单之前,CSRF令牌不会更改。
As soon as form is submitted the CSRF token changes and i get "WARNING: Can't verify CSRF token authenticity" 提交表单后,CSRF令牌就会更改,并且我会收到“警告:无法验证CSRF令牌的真实性”
Form is submitted using ajax. 表单是使用ajax提交的。
I guess it is kind of too late to respond, but most likely the problem caused by missing withCredentials
parameter of XHR requests you are sending from the Backbone.js. 我想现在响应还为时已晚,但是最有可能是由于缺少从Backbone.js发送的XHR请求的
withCredentials
参数引起的问题。 If your POST request does not contain session infromation, it will be given new CSRF token by your backend. 如果您的POST请求不包含会话信息,那么后端将为其提供新的CSRF令牌。
$.ajax({
type: "POST",
xhrFields: {withCredentials: true},
//other fields
})
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.