GroceryCRUD添加,编辑按钮在启用CodeIgniter CSRF保护时不工作 [英] GroceryCRUD add, edit buttons not working when enabling CodeIgniter CSRF protection
问题描述
我使用 GroceryCRUD 1.5.0与 CodeIgniter 2.2.0。
当启用CodeIgniter的内部CSRF保护时:
$ config ['csrf_protection'] = TRUE;应用程序/ config / config.php
中的
< ,那么GroceryCRUD自动生成的操作按钮(编辑,查看)和链接(添加)不再工作。
似乎CSRF令牌不会传递Ajax调用(用Firebug确认)。可以将此CodeIgniter功能与GroceryCRUD一起使用吗?
我终于设法解决了我的问题。有两种选择:
简单方法:
p>
$ config ['grocery_crud_dialog_forms'] = false;
在 application / config / grocery_crud.php
。
此选项在没有启用CSRF保护的情况下运作良好(也就是说,可以设置为 true
优雅的方式:
如果我们要使用:
$ config ['grocery_crud_dialog_forms'] = true;
在 application / config / grocery_crud.php
具有可爱的形式,则:
$ (function(){var csrf_token = $ .cookie('csrf_cookie_name'); $ .ajaxSetup({data:{'csrf_test_name':csrf_token}});});
我希望这将有助于别人。
I am using GroceryCRUD 1.5.0 with CodeIgniter 2.2.0.
When enabling CodeIgniter's internal CSRF protection with:
$config['csrf_protection'] = TRUE;
in application/config/config.php
, then the GroceryCRUD auto-generated action buttons (edit, view) and links (add) does not work anymore.
It seems that the CSRF token is not passed along in the Ajax calls (confirmed with Firebug). It is possible to use this CodeIgniter feature with GroceryCRUD?
解决方案 I finally managed to solve my problem. Two options are available:
The easy way:
Set:
$config['grocery_crud_dialog_forms'] = false;
in application/config/grocery_crud.php
.
This option works well without CSRF protection enabled (that is, it can be set to true
to produce more elegant forms), but fails when set if no code modifications are done in the javascript.
The elegant way:
If we want to use:
$config['grocery_crud_dialog_forms'] = true;
in application/config/grocery_crud.php
to have the cute forms, then:
include the jquery.cookie plugin in pages with forms
add this code to your JS files to auto-magically insert the CSRF token in all ajax POST calls:
$(document).ready(function() {
var csrf_token= $.cookie('csrf_cookie_name');
$.ajaxSetup({
data: {
'csrf_test_name' : csrf_token
}
});
});
I hope this will help someone else.
这篇关于GroceryCRUD添加,编辑按钮在启用CodeIgniter CSRF保护时不工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!