GoBuffalo CSRF 关于生产构建的问题
[英]GoBuffalo CSRF issue on production build
问题描述
When I run the application in development mode, I do not have this issue.
当我在开发模式下运行应用程序时,我没有这个问题。
But when I build for production and run that binary and whenever I try to submit a form I get below error -但是当我为生产构建并运行该二进制文件时,每当我尝试提交表单时,我都会遇到以下错误 -
level=error time="2020-07-26T17:32:36+05:30" msg="CSRF token invalid" content_type=application/x-www-form-urlencoded duration="48.59µs" form="{\"ContactEmail\":[\"arunko350@gmail.com\"],\"ContactNumber\":[\"09738080932\"],\"Name\":[\"Arun Kolhapur\"],\"authenticity_token\":[\"N23TgN8v295iQwsNWCZySXCC2KFtv4CRkumqZ8jDIeXasV6iA10qaWl+RZ2SOxyg9JjjDzmpiIyPqH1c56eoBw==\"]}" human_size="0 B" method=POST params="{\"ContactEmail\":[\"arunko350@gmail.com\"],\"ContactNumber\":[\"09738080932\"],\"Name\":[\"Arun Kolhapur\"],\"authenticity_token\":[\"N23TgN8v295iQwsNWCZySXCC2KFtv4CRkumqZ8jDIeXasV6iA10qaWl+RZ2SOxyg9JjjDzmpiIyPqH1c56eoBw==\"]}" path=/organisations/ request_id=6922434a6f81d2c5891e-5a617ab03f631a1937f8 size=0 status=500
Please help.请帮忙。
1 个解决方案
解决方案1
0 2020-08-20 03:57:32
I ran into this yesterday.我昨天遇到了这个。 I was running a Buffalo app in production, on HTTP.我在 HTTP 上运行 Buffalo 应用程序。 I found that the session cookies Buffalo was creating were marked Secure , so they weren't sent on non-HTTPS requests.我发现正在创建的 session cookies Buffalo 被标记为Secure ,因此它们不是在非 HTTPS 请求上发送的。
My solution was to get a Let's Encrypt HTTPS certificate and run my app in production mode over HTTPS.我的解决方案是获取 Let's Encrypt HTTPS 证书并在生产模式下通过 HTTPS 运行我的应用程序。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.