[英]I Get 403 CSRF Mismatch when I'm trying to send the “post” request to SailsJS server
我有一個sailsJS服務器。 我嘗試從另一個域的客戶端發送帖子請求。
我從/ csrfToken發送_csrf,但我一次又一次得到403 csrf不匹配
客戶端代碼如下所示:
$.ajax({
url: 'http://myserverdomain.ru/csrfToken'
success: (response) ->
$.ajax({
url: 'http://myserverdomain.ru/session/create'
type: "POST"
crossDomain: true
xhrFields: {
withCredentials: true
}
data: {_csrf: response._csrf, email: 'mail@mail', password: 'password'}
error: () ->
console.log 'error'
success: ( resp ) ->
console.log resp
})
})
服務器的配置:
module.exports.csrf = {
grantTokenViaAjax: true,
origin: 'http://myclientdomain.ru'
};
module.exports.cors = {
allRoutes: true,
origin: 'http://myclientdomain.ru',
credentials: true,
methods: 'GET, POST, PUT, DELETE',
headers: 'content-type'
響應看起來像這樣:
CSRF mismatch
一般:
Remote Address:ip.ip.ip.1:1010
Request URL:http://myserverdomain.ru/session/create
Request Method:POST
Status Code:403 Forbidden
請求標題:
Accept:*/*
Accept-Encoding:gzip, deflate
Accept-Language:ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4
Content-Length:95
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Cookie:sails.sid=s%3A_HBoGJvI9N_-kH3Bj2LBrIrayWAb_k4z.N9P%2F%2Bt%2FDWCFAuK1MvBNjyYO1ntmp5m8a5Te0IM%2Ftn7s; BCSI-CS-c82c2a7dcc10e8b5=2
Host:myserverdomain.ru
Origin:http://myserverdomain.ru
Proxy-Connection:keep-alive
Referer:http://myserverdomain.ru/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36
表格數據:
_csrf:ljGDMpSr-_O1ktMJ-zHEJfWaKPygXwNSSjcU
email:mail@mail
password:password
請幫幫我!
我對SailsJs不熟悉,但是在他們的文檔上花了幾分鍾后,你所做的似乎是正確的,但我會嘗試幾件事
module.exports.csrf的origin更改為* module.exports.csrf = { grantTokenViaAjax: true, origin: '*' } 你必須在標題中發送它
添加X-CSRF-Token:
$.ajax({
url: 'http://myserverdomain.ru/csrfToken'
success: (response) ->
$.ajax({
url: 'http://myserverdomain.ru/session/create'
type: "POST"
crossDomain: true
beforeSend: function(xhr, settings){
xhr.setRequestHeader('X-CSRF-Token', '_PUT_YOUR_CSRF_HERE_');
}
xhrFields: {
withCredentials: true
}
data: {_csrf: response._csrf, email: 'mail@mail', password: 'password'}
error: () ->
console.log 'error'
success: ( resp ) ->
console.log resp
})
})
在config / crfs.js中,添加以下行和您的路線:
module.exports.csrf = {
grantTokenViaAjax: true
, routesDisabled: '*Route URLs*',
'origin': '*'
}
為什么我在嘗試使用 axios 發送發布請求時遇到網絡錯誤
[英]Why i'm getting a network error, when trying to send a post request using axios
在將api請求發送到服務器時將api更改POST請求更改為GET請求
[英]fetch api change POST request to GET request when send it to the server
嘗試使用 axios POST 請求將信息發送到數據庫時,如何解決此 422 錯誤?
[英]How can I solve this 422 error when trying to send information to the database using an axios POST request?
我正在嘗試將狀態發送給父母組件。 但是不明白
[英]I'm trying to send the states to the parents components. But do not get it
我正在嘗試發出 POST 請求以獲取接收訪問令牌,但是我收到未定義的。 請問我該如何解決?
[英]I'm trying to make a POST request to get receive access token, however I'm receiving undefined. How can I resolve this please?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.