post方法渲染403禁止页面，而不是执行post方法代码 [英] post method rendering 403 forbidden page instead of executing post method code

问题描述

注意:我是 Play 框架的新手

使用此视频教程和播放列表，我设法创建了一个简单的网络应用程序.

Using this video tutorial and playlist, I manage to create a simple webapp.

问题:

POST 路由文件中的方法似乎没有执行所需的 POST 代码.

POST methods in routes file do not seem to execute the required POST code.

给定下面的路由文件，浏览到 localhost:{port}/user/register 请求一个 GET，从而渲染并返回 register 视图.

Given the routes file below, browsing to localhost:{port}/user/register requests a GET, thus rendering and returning the register view.

填写 register view 字段，然后单击 submit，刷新页面(通过清除输入字段)并显示预期的注册"文本

Filling in the register view fields, and clicking submit, refreshes the page (by clearing the input fields) and does show the expected "registered" text

如果 method="post" 已添加到 register 视图 中的 form 中，则立即出现 403 禁止页面 显示页面.

If method="post" has been added to the form in the register view, an immediate 403 Forbidden page page is displayed.

为什么没有显示注册"文本，我错过了什么(做错了)?

Why isn't the "registered" text being shown, what am I missing (doing wrong) ?

路线文件:

GET        /                     controllers.HomeController.index

GET        /user                 controllers.LoginController.index()
GET        /user/login           controllers.LoginController.login()
POST       /user/login           controllers.LoginController.doLogin()
GET        /user/register        controllers.LoginController.register()
POST       /user/register        controllers.LoginController.doRegister()

# Map static resources from the /public folder to the /assets URL path
GET        /assets/*file         controllers.Assets.versioned(path="/public", file: Asset)

控制器:

HomeController
LoginController

LoginController 方法:

LoginController methods:

public Result index() { return ok(views.html.user.index.render(User.getAllUsers())) } 
public Result login() { return ok(login.render()); }
public Result doLogin() { return ok("registered"); }
public Result register() { return ok(register.render()); }
public Result doRegister() { return ok("registered"); }

注册查看:

@()

<html>
    <head>
        <title>Register new User</title>
    </head>
    <body>
        <h1>Register User</h1>
        <br>
        <br>
        Enter Email Address: <input type="password" name="confirmPassword">
        Enter Password: <input type="password" name="confirmPassword">
        Confirm Password: <input type="password" name="confirmPassword">
        <br>
        <br>
        <form action="@routes.LoginController.doRegister()">
            <input type="submit" value="Register"/>
        </form>
    </body>
</html>

控制台输出错误:

[warn] p.filters.CSRF - [CSRF] Check failed because no or invalid token found in body
[warn] p.filters.CSRF - [CSRF] Check failed with NoTokenInBody

推荐答案

我认为你是对的，你需要定义提交表单数据时使用的 HTTP 方法(GET 或 POST).

I think you're correct you need to define the HTTP method (GET or POST) to be used when submitting the form data.

您可能会看到 Forbidden，因为默认情况下，Play 将需要 CSRF 检查"看到这里?

It's possible you're seen Forbidden because "By default, Play will require a CSRF check" See here?

像这样将 CSRF 令牌添加到请求中:

Add the CSRF token to the request like this:

@import helper._

 <form method="post" action="@CSRF(routes.LoginController.doRegister())">
    ...

或者在表单的正文中:

<form method="post" action="@routes.LoginController.doRegister()">
    @CSRF.formField
    ...

这篇关于post方法渲染403禁止页面，而不是执行post方法代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！