Codeigniter ajax CSRF problem


Problem description

I've made a simple autoload function that loads content when you scroll down on a website. However, there seem to be a few problems when I enable CSRF protection in Codeigniter.

I'm not using a form, so I don't know how I can send the token from A to B when I'm doing my post request as you scroll.

My JavaScript

if (location.href == baseurl) {
    $(window).scroll(function(){
        if ($(window).scrollTop() > $('body').height() / 2) {
            if(doScroll == 1) {
                $.post(baseurl + 'ajax/images',{'id' : ID}, function(data) {
                    $("#wrapper_content").append(data);
                    if(data == 'Det finnes ikke flere bilder i databasen, WTF!? Send inn forslag ASAP!') {
                        doScroll = 0;
                    }
                    ID++;
                });
            }
        }
    });
}

Since Codeigniter expects a TOKEN on all POST requests, I can't get this to work when CSRF is enabled. Any suggestions?

Error when CSRF is Enabled


Failed to load resource: the server responded with a status of 500 (Internal Server Error)

If I turn CSRF off, everything works great...

Recommended answer

You might like to try this code I've used. It works great:

<script type="text/javascript">
$(function(){
    // Bind a click handler to every answer element
    $('.answerlist').each(function(e){
        $(this).click(function(){
            // Value of the selected radio button
            // (the old "[@name=...]" selector syntax was removed in jQuery 1.3)
            var valrad = $("input[name=answer]:checked").val();

            // Send the CSRF token name/hash pair together with the request data
            var post_data = {
                'ansid': valrad,
                '<?php echo $this->security->get_csrf_token_name(); ?>' : '<?php echo $this->security->get_csrf_hash(); ?>'
            };

            $.ajax({
                type: "POST",
                url: "<?php echo base_url(); ?>online/checkanswer",
                data: post_data,
                success: function(msg){
                    /// do something
                }
            });
        });
    });
});
</script>
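
Added example, not part of the original answer: the answer writes the token into the page when it is rendered, while a page that posts repeatedly as you scroll can instead read the token from CodeIgniter's CSRF cookie each time a request is sent. It assumes the default names `csrf_test_name` and `csrf_cookie_name`, no `cookie_prefix`, and a cookie that scripts can read (`cookie_httponly` off); `readCookie` and `addCsrfToBody` are helper names made up for this example.

```javascript
// Assumed CodeIgniter defaults; change them if config.php sets
// csrf_token_name / csrf_cookie_name (or a cookie_prefix) differently.
var CSRF_TOKEN_NAME = 'csrf_test_name';
var CSRF_COOKIE_NAME = 'csrf_cookie_name';

// Return the value of one cookie from a document.cookie-style string, or null.
function readCookie(cookieString, name) {
    var parts = cookieString.split(';');
    for (var i = 0; i < parts.length; i++) {
        var pair = parts[i].trim();
        var eq = pair.indexOf('=');
        if (eq > 0 && pair.slice(0, eq) === name) {
            return decodeURIComponent(pair.slice(eq + 1));
        }
    }
    return null;
}

// Add the current token to a urlencoded request body (jQuery has already
// serialized the data at this point); an existing token field is replaced.
function addCsrfToBody(body, cookieString) {
    var token = readCookie(cookieString, CSRF_COOKIE_NAME);
    if (token === null) {
        return body; // no cookie yet: send unchanged and let the server reject it
    }
    var fields = (body || '').split('&').filter(function (f) {
        return f !== '' && f.split('=')[0] !== CSRF_TOKEN_NAME;
    });
    fields.push(encodeURIComponent(CSRF_TOKEN_NAME) + '=' + encodeURIComponent(token));
    return fields.join('&');
}

// Browser wiring: runs before every jQuery AJAX request, so the token is
// read at send time. Cross-origin requests are skipped so the token is
// never sent to another site.
if (typeof jQuery !== 'undefined') {
    jQuery.ajaxPrefilter(function (options) {
        var method = (options.type || 'GET').toUpperCase();
        var stringBody = options.data == null || typeof options.data === 'string';
        if (method === 'POST' && !options.crossDomain && stringBody) {
            options.data = addCsrfToBody(options.data, document.cookie);
        }
    });
}
```

With this loaded after jQuery, the `$.post(baseurl + 'ajax/images', {'id' : ID}, ...)` call from the question needs no change. If `csrf_regenerate` is enabled the token changes after each POST, which is the case where reading it at send time matters.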
