【问题标题】:Cakephp CSRF mismatchCakephp CSRF 不匹配
【发布时间】:2021-02-02 22:55:11
【问题描述】:

以下是我的AppController.php

public function initialize()
{
    parent::initialize();
    $this->loadComponent('Csrf');
    $this->loadComponent('RequestHandler', [
        'enableBeforeRedirect' => false,
    ]);
    $this->loadComponent('Auth', [
        'unauthorizedRedirect' => [
            'controller' => 'Users',
            'action'     => 'login'
        ],
        'storage' => 'Session'
    ]);
    
    $this->loadComponent('Flash');

    
    /*
     * Enable the following component for recommended CakePHP security settings.
     * see https://book.cakephp.org/3/en/controllers/components/security.html
     */
    //$this->loadComponent('Security');
}

还有我的Application.php

 public function middleware($middlewareQueue)
    {
        $options = ['httpOnly' => true];
        $csrf = new CsrfProtectionMiddleware($options);
        $middlewareQueue            
            ->add(new ErrorHandlerMiddleware(null, Configure::read('Error')))
            ->add(new AssetMiddleware([
                'cacheTime' => Configure::read('Asset.cacheTime'),
            ]))
            ->add(new RoutingMiddleware($this))
            ->add($csrf);

        return $middlewareQueue;
    }

以下是我的看法。

<form action="<?= Router::url(['controller' => 'Users', 'action' => 'registration']) ?>" method="POST">
                            <input type="hidden" name="_csrfToken" value="<?= $this->request->getParam('_csrfToken'); ?>" />

</form>

不过,当我提交它说的表单时

【问题讨论】:

    标签: php cakephp csrf


    【解决方案1】:

    尝试使用 CakePHP Form Helper

    制作表单
    <?= $this->Form->create($users, ['url' => ['controller' => 'Users', 'action' => 'registration']]) ?>
    ....
    <?= $this->Form->end() ?>
    

    【讨论】:

      猜你喜欢
      • 2019-01-15
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2016-10-09
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2019-01-15
      相关资源
      最近更新 更多