我应该如何在cakephp中进行CSRF保护? [英] How should I do CSRF protection in cakephp?
问题描述
我是cakephp的新手,现在我正在研究带有cakephp的新项目。我目前正在做的任务是为整个项目做CSRF保护。我已经阅读了官方的cakephp 2 cookbook,我按照那本书中的解释做了。但是,现在我正面临请求已被黑洞。
错误:在此服务器上找不到请求的地址'/ admin / accounts / add'。每次提交新用户添加表格时。
我的代码是:
//////////// ////////////////////////////////////////////////// ////////////////////////////////////
public $ components = array(
'Security'=> array(
'csrfExpires'=>'+1小时'
),
'Search.Prg'=>数组(
'commonProcess'=>数组(
'paramType'=> ;'named',
'filterEmpty'=> true
))
);
//////////////////////////// ///////////////////////////////////////
公共函数beforeFilter(){
parent :: beforeFilter();
$ this-> layout ='admin';
$ this-> Security-> blackHoleCallback ='_ blankHole';
}
/////// ////////////////////////////////////////////////// ////// /////
公共函数_blackHole($ error){
die($ error);
}
//////////////////////////////// /////////////////////////////////////
通过这样做,出现'auth'错误。
我该怎么办?
请帮助我。我用google搜索但这只是浪费时间。我没办法。
请帮助我。
Hi,
I am new to cakephp and now I am working on a new project with cakephp by studying. My current doing task is to do CSRF protection for overall project.I have read official cakephp 2 cookbook and I did as explained in that book. But, now I am facing "The request has been black-holed.
Error: The requested address '/admin/accounts/add' was not found on this server." every time the new user add form is submitted.
My code is :
//////////////////////////////////////////////////////////////////////////////////////////////////
public $components = array(
'Security' => array(
'csrfExpires' => '+1 hour'
),
'Search.Prg' => array(
'commonProcess' => array(
'paramType' => 'named',
'filterEmpty' => true
))
);
///////////////////////////////////////////////////////////////////
public function beforeFilter() {
parent::beforeFilter();
$this->layout = 'admin';
$this->Security->blackHoleCallback = '_blackHole';
}
////////////////////////////////////////////////////////////////////
public function _blackHole($error) {
die($error);
}
/////////////////////////////////////////////////////////////////////
By doing so, 'auth' error has appeared.
How should I do?
Please help me.I have googled but it was just the waste of time.I have no way to do.
Please help me.
推荐答案
components = array(
'安全'=>数组(
'csrfExpires'=>'+ 1小时'
),
'Search.Prg'=>数组(
'commonProcess'=>数组(
'paramType'=>'命名',
'filterEmpty'=>真的
))
);
/////////////////////////////////////////////// ////////////////////
公共功能beforeFilter(){
parent :: beforeFilter();
components = array(
'Security' => array(
'csrfExpires' => '+1 hour'
),
'Search.Prg' => array(
'commonProcess' => array(
'paramType' => 'named',
'filterEmpty' => true
))
);
///////////////////////////////////////////////////////////////////
public function beforeFilter() {
parent::beforeFilter();
this-> layout ='admin';
this->layout = 'admin';
this-> ;安全 - > blackHoleCallback ='_ blankHole';
}
////////////// ////////////////////////////////////////////////// ////
公共职能_blackHole(
this->Security->blackHoleCallback = '_blackHole';
}
////////////////////////////////////////////////////////////////////
public function _blackHole(
这篇关于我应该如何在cakephp中进行CSRF保护?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!