有道发送真实性令牌与AJAX ..? [英] Proper way to send an Authenticity Token with AJAX..?
问题描述
这工作,但被停止了,因为它缺乏真实性令牌:
$(AJAX-转诊)。点击(函数(){
$阿贾克斯({类型:POST,网址:$(本).parent(形式)ATTR(行动),数据类型:脚本});
返回false;
});
所以,我想将它添加像这样:
$(AJAX-转诊)。点击(函数(){
$阿贾克斯({类型:POST,网址:$(本).parent(形式)ATTR(行动)+ +的auth_token,数据类型。&放大器authenticity_token =?:脚本});
返回false;
});
和它正确传递的auth_token作为一个参数,但似乎失去了我的表格的其他部分。
反正要达到这两个发送该工作表单数据,并真实性令牌呢?
这是一个Rails环境。我有这个在我的脑海。
= javascript_tagVAR的auth_token ='#{form_authenticity_token};如果protect_against_forgery?
我试过
事情
1。
= hidden_field:authenticity_token,:价值=> form_authenticity_token
2。
$阿贾克斯({类型:POST,网址:$(本).parent(形式)ATTR(行动),数据类型:剧本, authenticity_token:的auth_token});
3。
//始终发送authenticity_token与阿贾克斯
$(文件).ajaxSend(函数(事件,要求设置){
如果(settings.type!='GET'){
settings.data =(settings.data settings.data +&放大器;:)
+authenticity_token =EN + codeURIComponent(的auth_token);
}
});
其实,你正在阅读的动作
的形式属性和发送后Ajax请求给它。你必须提交的表格发送表单数据,或者您可以序列化表单数据,并在Ajax请求发送类似
$(AJAX-转诊)。点击(函数(){
$阿贾克斯({
键入:POST,
网址:。?&放大器; authenticity_token =$(本).parent(形式)ATTR(行动)+ +的auth_token,
数据:$(本).parent(形式)序列化()。
数据类型:剧本
});
返回false;
});
这样做将序列化表单数据,并将其与Ajax请求和真实性令牌发送已被通过查询字符串发送
This works but gets stopped because it lacks an authenticity token:
$(".ajax-referral").click(function(){
$.ajax({type: "POST", url: $(this).parent("form").attr("action"), dataType: "script"});
return false;
});
So I tried adding it like so:
$(".ajax-referral").click(function(){
$.ajax({type: "POST", url: $(this).parent("form").attr("action") + "?&authenticity_token=" + AUTH_TOKEN, dataType: "script"});
return false;
});
And it passes the auth_token correctly as a param, but seems to lose the rest of my form.
Anyways to accomplish both sending the form data that works, and the authenticity token as well?
This is a rails environment. And I have this in my head.
= javascript_tag "var AUTH_TOKEN = '#{form_authenticity_token}';" if protect_against_forgery?
Things I've tried
1.
= hidden_field :authenticity_token, :value => form_authenticity_token
2.
$.ajax({type: "POST", url: $(this).parent("form").attr("action"), dataType: "script", authenticity_token: AUTH_TOKEN});
3.
// Always send the authenticity_token with ajax
$(document).ajaxSend(function(event, request, settings) {
if ( settings.type != 'GET' ) {
settings.data = (settings.data ? settings.data + "&" : "")
+ "authenticity_token=" + encodeURIComponent( AUTH_TOKEN );
}
});
Actually, you are reading the action
attribute of form and sending a post ajax request to it. to send form data you have to submit the form or you can serialize the form data and send it in ajax request like
$(".ajax-referral").click(function(){
$.ajax({
type: "POST",
url: $(this).parent("form").attr("action") + "?&authenticity_token=" + AUTH_TOKEN,
data:$(this).parent("form").serialize(),
dataType: "script"
});
return false;
});
Doing this will serialize your form data and send it along with ajax request and authenticity token is already being sent via query string
这篇关于有道发送真实性令牌与AJAX ..?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!