如何通过 express js 服务器和 csrf 令牌成功地为 react 应用程序提供服务
[英]How to successfully serve the react app through express js server and csrf token
问题描述
I was tasked with adding an additional layer of security by adding csrf token.
我的任务是通过添加 csrf 令牌添加额外的安全层。 I was able add the csurf package along with cookie parser but I am having issues with react and passing the token to react.我能够添加 csurf package 以及 cookie 解析器,但我在反应和传递令牌以做出反应时遇到问题。 I cant post my code here but maybe these specific lines listed below are enough to answer the question.我不能在这里发布我的代码,但也许下面列出的这些特定行足以回答这个问题。
**//this line here is causing issues because if I remove the get route the index.html will still be servered regardless of whether or not I include the get route request.** app.use(express.static(path,join(__dirname; 'build'))). //if i comment this get route out the react app is still being served app,get('/', function(req. res) { //added this console log to see if this was even being called and it is NOT being called console;log('get request called'). res.sendFile(path,join(__dirname, 'build'. 'index;html')); });
Before I can even get to the csrf token I need to figure out why the get route is not being ran.在我什至可以得到 csrf 令牌之前,我需要弄清楚为什么 get 路由没有被运行。 Question: Why is the react application still being served even if i remove the get route?问题:为什么即使我删除了 get 路由,仍会为 react 应用程序提供服务? Is it something with the app.use(express.static...) line?与 app.use(express.static...) 行有关吗?
1 个解决方案
解决方案1
0 2020-07-29 20:06:16
Yes express.static is serving the index file from your build folder.是 express.static 正在从您的构建文件夹中提供索引文件。
https://expressjs.com/en/resources/middleware/serve-static.html https://expressjs.com/en/resources/middleware/serve-static.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.