即使在 Laravel 5 帖子中提供令牌后，CSRF 令牌也不匹配

Question

我正在尝试在 laravel 5 中使用 ajax 发帖。我收到 CSRF 令牌不匹配异常。 我环顾四周，发现可能存在这样的问题，但在这种情况下，我确实包含了所有必要的代码。

请看一下我的代码。

看法

{!! Form::open(array('url'=>'admin/index','method'=>'POST', 'id'=>'addrole')) !!}
<div class="control-group">
  <div class="controls">
     {!! Form::text('user','',array('id'=>'','class'=>'form-control span6','placeholder' => 'Username')) !!}
  </div>
</div>
<div class="control-group">
  <div class="controls">
      {!! Form::text('role','faculty',array('class'=>'form-control span6', 'placeholder' => 'User Role')) !!}
      <input type="hidden" name="_token" value="{{ csrf_token()}}">
  </div>
</div>
{!! Form::button('Submit', array('class'=>'send-btn')) !!}
{!! Form::close() !!}

<script type="text/javascript">

    $.ajaxSetup({
       headers: { 'X-CSRF-Token' : $('meta[name=_token]').attr('content') }
    });

    $(document).ready(function(){
        $('.send-btn').click(function(){
            $.ajax({
                url: 'index',
                type: "post",
                data: {
                    '_token': $('input[name="_token"]').val(),
                    'user':$('input[name=user]').val(),
                    'role':$('input[name=role]').val()
                }, //, '_token': $('input[name=_token]').val()
                success: function(data) {
                    alert(data);
                }
            });
        });
    });
</script>

我在隐藏输入中提供了令牌，并将其包含在我的帖子中。

我确实有一个元数据如下。

<meta name="_token" content="{!! csrf_token() !!}"/>

以下是我的控制器。

public function index()
{
    if(Request::ajax()) {
        $data = Input::all();
        print_r($data);die;
    }
}

这个只是为了测试，这里没什么。 我的路线如下

Route::get('admin/index', function() {
  return View::make('admin');
});
Route::post('admin/index', 'AdminController@index');

请帮我解决这个问题

这是日志中的输出。

[2015-11-12 09:04:31] local.ERROR: exception 'Illuminate\Session\TokenMismatchException' in /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php:46
Stack trace:
#0 /var/www/html/vidman-laravel/app/Http/Middleware/VerifyCsrfToken.php(17): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle(Object(Illuminate\Http\Request), Object(Closure))
#1 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(125): App\Http\Middleware\VerifyCsrfToken->handle(Object(Illuminate\Http\Request), Object(Closure))
#2 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(55): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#3 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(125): Illuminate\View\Middleware\ShareErrorsFromSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#4 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(61): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#5 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(125): Illuminate\Session\Middleware\StartSession->handle(Object(Illuminate\Http\Request), Object(Closure))
#6 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(36): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#7 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(125): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))
#8 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(40): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#9 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(125): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))
#10 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(42): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#11 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(125): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))
#12 [internal function]: Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
#13 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(101): call_user_func(Object(Closure), Object(Illuminate\Http\Request))
#14 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(115): Illuminate\Pipeline\Pipeline->then(Object(Closure))
#15 /var/www/html/vidman-laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(84): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))
#16 /var/www/html/vidman-laravel/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))
#17 {main}

以下是我的浏览器控制台帖子标题和页内 csrf 令牌不匹配。 请看下面

页面中的token ==> input type="text" name="_token" value="{{ csrf_token()}}"

浏览器帖子标题

Answer 1

我想当你使用

{!!  Form::open() !!}

这已经在你的表单输入标签中包含了 csrf_token。所以，没有必要包含在meta标签或input标签中。 例如：当你这样做时：

{!! Form::open() !!}
{!! Form::close() !!}

您的表单标签将类似于：

<form action="your action" method="POST" accept-charset="UTF-8">
     <input type="hidden" value="token_string" name="_token" > 
</form>

现在在您的 js 文件中验证令牌，您可以这样做：

$.ajaxSetup({
    headers:{
        'X-CSRF-Token' : $("input[name='_token'").attr('value')
    }
});

即使在 Laravel 5 帖子中提供令牌后，CSRF 令牌也不匹配

问题描述

1 个解决方案

解决方案1
1 2015-11-13 04:04:04

即使在 Laravel 5 帖子中提供令牌后，CSRF 令牌也不匹配

问题描述

1 个解决方案

解决方案1 1 2015-11-13 04:04:04

解决方案1
1 2015-11-13 04:04:04