[英]CodeIgniter 3 - 403 Forbidden on POST from jQuery.ajax() asynchronous request
我在 jQuery.ajax() 發布請求時收到 403 禁止錯誤。
應用程序/配置/config.php
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_ghive';
$config['csrf_cookie_name'] = 'csrf_ghive';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = false;
應用程序/視圖/billing.php
<input type="text" class="txt_csrfname" name="<?= $this->security->get_csrf_token_name(); ?>" value="<?= $this->security->get_csrf_hash(); ?>">
<button id="bill_client"><?php echo lang('pay'); ?></button>
<script type="text/javascript" src="<?php echo base_url(); ?>assets/customers/js/bill.js"></script>
資產/客戶/js/bill.js
function add_bill_by_ajax(bill_object,bill_id){
// CSRF Hash
var csrfName = $('.txt_csrfname').attr('name'); // Value specified in $config['csrf_token_name']
var csrfHash = $('.txt_csrfname').val(); // CSRF hash
$.ajax({
url:base_url+"Bill/add_bill_by_ajax",
method:"POST",
data:{
order : bill_object,
sale_id : bill_id,
close_order : 0,
//csrf_test_name: $.cookie('csrf_ghive')
//'<?php echo $this->security->get_csrf_token_name(); ?>':'<?php echo $this->security->get_csrf_hash(); ?>'
[csrfName]: csrfHash
},
dataType: 'json',
success:function(response) {
if(response>0){
$('.txt_csrfname').val(response.token);
set_new_bills_to_view();
swal({
title: warning,
text: added_bill,
confirmButtonText:ok
});
}
},
error:function(){
console.log("403 Forbidden for ajax error");
swal({
title: warning,
text:'403 Forbidden for ajax error',
confirmButtonText:ok,
allowOutsideClick: false
});
}
});
}
應用程序/控制器/Bill.php
function add_bill_by_ajax(){
$bill_details = json_decode(json_decode($this->input->post($this->security->xss_clean('bill'))));
//this id will be 0 when there is new bill, but will be greater then 0 when there is modification
//on previous order
$bill_id = $this->input->post('bill_id');
$close_bill = $this->input->post('close_bill');
$data = array();
$data['token'] = $this->security->get_csrf_hash();
$data['customer_id'] = trim($bill_details->customer_id);
...
控制台錯誤
jquery-3.3.1.min.js:2 POST http://localhost/Bill/add_bill_by_ajax 403 (Forbidden)
send @ jquery-3.3.1.min.js:2
ajax @ jquery-3.3.1.min.js:2
add_bill_by_ajax @ custom.js:3764
(anonymous) @ bill.js:2362
dispatch @ jquery-3.3.1.min.js:2
y.handle @ jquery-3.3.1.min.js:2
網絡錯誤
bill: "{\"customer_id\":\"1\",\"product_price_with_discount\":\"5000.00\",\"product_discount_amount\":\"0.00\",\"product_note\":\"\"}]}"
bill_id: 0
close_bill: 0
csrf_ghive: 6555e8953c1aee584cf2472c1ad14a4d
請注意,我已經看過其他類似的問題,但還沒有找到合適的解決方案:
POST url 403 forbidden in Codeigniter 3
403禁止從ajax請求訪問CodeIgniter controller
ETC...
Preset Apache mod_rewrite Flags modified RewriteRules 導致 AJAX 請求失敗。解決方案是:
如果可以在您的主機上停用 mod_rewrite (不推薦)
將.htaccess
安裝的 .htaccess 從:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php/$0 [PT,L]
RewriteCond $1 !^(index\.php|images|robots\.txt)
到:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.