【发布时间】:2021-07-16 11:54:14
【问题描述】:
我正在尝试使用 https post 发布数据,我还在标头中提供 csrf 令牌。我收到状态代码为 403 并且 csrf 令牌验证失败。有人可以告诉需要做什么。我在下面附上了我的代码。提前致谢。
'''
const csrfoptions = {
'method': 'HEAD',
headers: {
'authorization': auth,
'x-csrf-token': 'fetch'
},
}
const csrfReq = https.request(csrfurl, csrfoptions, function (response3) {
var body3 = '';
response3.on('data', function (data) {
body3 += data
})
response3.on('end', function () {
var csrfToken = (response3.headers['x-csrf-token'])
console.log("csrf token : ", csrfToken);
//post
const postUrl = "https://***.crm.ondemand.com/sap/c4c/odata/v1/c4codataapi/" + parentObjectID + "/OpportunityItem"
const data = JSON.stringify({
"ExpectedNetAmount": "120.000000",
"Quantity": "1.00000000000000",
"QuantityUnitCode": "EA",
"ZSLBActProb_SDK": "30",
})
const postOptions = {
method: 'POST',
headers: {
'authorization': auth,
'Content-Type': 'application/json',
'x-csrf-token': csrfToken,
},
}
console.log("postHeaders = ", postOptions.headers)
const postReq = https.request(postUrl, postOptions, function (response5) {
console.log("post response = ", response5.statusCode)
var postBody = '';
response5.on('data', function (data) {
postBody += data;
console.log("body = ", postBody);
})
response5.on('end', function () {
console.log("received data = ", postBody)
})
})
postReq.on('error', function (e) {
console.log(e)
})
postReq.write(data)
postReq.end();
})
})
csrfReq.end();
'''
这是我在 console.log() 上得到的:
csrf 令牌:C3IyB173qZmsU8l1F_KBhQ==
postHeaders = { 授权:'基本 c2FsZXN1c2VyOldlbGNvbWUx',
“内容类型”:“应用程序/json”,
'x-csrf-token': 'C3IyB173qZmsU8l1F_KBhQ==' }
发布回复 = 403
body = CSRF 令牌验证失败
收到的数据 = CSRF 令牌验证失败
【问题讨论】:
标签: node.js post http-status-code-403 csrf-token