在ajax提交上禁用symfony 2 csrf令牌保护 [英] Disable symfony 2 csrf token protection on ajax submit
问题描述
我正在构建一个移动应用程序,通过网络服务与我的 symfony2 应用程序对话我找不到在特定控制器/操作上禁用 csrf 保护的方法
我想将注册数据发布到此操作并使用 sf2 表单验证.我不会在我的移动应用中调用表单
不能在action中改变容器参数,抛出异常,因为它是一个冻结参数...
我不想为整个应用程序禁用表单保护
有什么线索吗?
谢谢!
更新:使用 symfony 2.1.x
/*** {@inheritdoc}*/公共函数 setDefaultOptions(OptionsResolverInterface $resolver){$resolver->setDefaults(array('csrf_protection' =>错误的,));}
如果您正在寻找比上述答案中建议的更简单、更快捷的解决方案,方法如下:
setDefaults(array('csrf_protection' =>错误的,));}}
.. 或者如果您使用的是旧版本 (Symfony 2.0.*):
有关其他信息,请参阅 Symfony 文档.><小时>
更新了最新 Symfony 版本的答案,感谢 naitsirch
i'm building a mobile app talking to my symfony2 app via webservices I can't find a way to disable csrf protection on a specific controller/action
i want to post registration data to this action and use sf2 form validation. I do not call the form in my mobile app
Can't change container parameters in action, throw an exception because it is a frozen parameter...
I do not want to disable form protection for whole my application
any clue ?
thanks !
update: with symfony 2.1.x
/**
* {@inheritdoc}
*/
public function setDefaultOptions(OptionsResolverInterface $resolver)
{
$resolver->setDefaults(array(
'csrf_protection' => false,
));
}
If you're looking for a bit easier and faster solution than suggested in answer above, here's how:
<?php
// ...
use SymfonyComponentFormAbstractType;
use SymfonyComponentFormFormBuilder;
use SymfonyComponentOptionsResolverOptionsResolver;
class MyType extends AbstractType
{
// ...
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults(array(
'csrf_protection' => false,
));
}
}
.. or if you're using older versions (Symfony 2.0.*):
<?php
// ...
use SymfonyComponentFormAbstractType;
use SymfonyComponentFormFormBuilder;
class MyType extends AbstractType
{
// ....
public function getDefaultOptions(array $options)
{
$options = parent::getDefaultOptions($options);
$options['csrf_protection'] = false;
return $options;
}
}
Consult the Symfony documentation for additional information.
Edit: updated answer to latest Symfony version, thanks naitsirch
这篇关于在ajax提交上禁用symfony 2 csrf令牌保护的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!