Symfony 2. CSRF令牌无效 [英] Symfony 2. CSRF token is invalid
问题描述
我在Symfony2中有一个令牌形式的问题。 (2.7.0)
动作:
public function registerProcessAction Request $ request){
$ form = $ this-> createForm(new RegistrationType(),new Registration());
$ form-> handleRequest($ request);
if($ form-> isValid()){
die('valid');
}
else {
die('invalid');
$ / code $ / pre
和我的表单: $ b $ (
$ b $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $' =>'My \Bundle \Entity \User'
));
}
当我测试表单时,始终显示相同的错误: CSRF令牌无效,请尝试重新提交表单。我确信输入隐藏在表单中。这是视图:
<?php
echo $ view ['form'] - > start( $形式);
echo $ view ['form'] - > widget($ form);
echo $ view ['form'] - > end($ form);
?>
任何人都可以帮助我?
I测试以禁用csrf保护,如下所示:
操作:
$ form = $ this-> createForm(new RegistrationType(),new Registration(),array('csrf_protection'=> false));
表格:
public function configureOptions(OptionsResolver $ resolver)
{
$ resolver-> setDefaults(array(
'data_class'=&'; My \Bundle \Entity\\ \\ User',
'csrf_protection'=> false
));
}
但出现不同的错误:此表单不应包含额外的字段即可。因为令牌的隐藏输入,它的形式尚未完成,我不知道要删除它。
谢谢!
handle()
方法中的某处,我调用了 $ request-> getSession() - > migrate()
,这对我造成了问题。删除呼叫以迁移会话解决了问题。 不知道是否这是破坏我的验证监听器的提交?
I have a problem with a token form in Symfony2. (2.7.0)
Action:
public function registerProcessAction(Request $request){
$form = $this->createForm(new RegistrationType(), new Registration());
$form->handleRequest($request);
if ($form->isValid()) {
die('valid');
}
else{
die('invalid');
}
}
And my Form:
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'data_class' => 'My\Bundle\Entity\User'
));
}
When I test the form, always show the same error: "The CSRF token is invalid. Please try to resubmit the form". I sure of the input hidden it's in the form. This is the view:
<?php
echo $view['form']->start($form);
echo $view['form']->widget($form);
echo $view['form']->end($form);
?>
Anyone can help me?
I tested to disable the csrf protection, like this:
Action:
$form = $this->createForm(new RegistrationType(), new Registration(), array('csrf_protection' => false));
Form:
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'data_class' => 'My\Bundle\Entity\User',
'csrf_protection' => false
));
}
But a different error appears: This form should not contain extra fields. Because the hidden input of token, it's in the form yet, and I don't know to remove it.
Thankyou!
I have a custom authentication provider, as described here. At some point in the Listener's handle()
method, I was calling $request->getSession()->migrate()
, which was causing the problem for me. Removing the call to migrate the session solved the problem.
I wonder if this was the commit that broke my authentication listener?
这篇关于Symfony 2. CSRF令牌无效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!