Rails 3 CSRF令牌在POST请求之前更改
[英]rails 3 CSRF token changes just before the POST request
问题描述
Rails 3 , Backbone.js app. 
Rails 3,Backbone.js应用程序。
The CSRF token does not change until a POST form is submitted. 在提交POST表单之前,CSRF令牌不会更改。
As soon as form is submitted the CSRF token changes and i get "WARNING: Can't verify CSRF token authenticity" 提交表单后,CSRF令牌就会更改,并且我会收到“警告:无法验证CSRF令牌的真实性”
Form is submitted using ajax. 表单是使用ajax提交的。
1 个解决方案
解决方案1
0 2014-02-05 15:22:01
I guess it is kind of too late to respond, but most likely the problem caused by missing withCredentials parameter of XHR requests you are sending from the Backbone.js. 我想现在响应还为时已晚,但是最有可能是由于缺少从Backbone.js发送的XHR请求的withCredentials参数引起的问题。 If your POST request does not contain session infromation, it will be given new CSRF token by your backend. 如果您的POST请求不包含会话信息,那么后端将为其提供新的CSRF令牌。
$.ajax({
type: "POST",
xhrFields: {withCredentials: true},
//other fields
})
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.