Rails + Emberjs：无法验证CSRF令牌的真实性 [英] Rails + Emberjs: Can't verify CSRF token authenticity

问题描述

我刚刚使用rails作为具有Emberjs前端的api。我正在获得一个完成的422无法处理的实体，每当我尝试执行POST请求时，无法验证CSRF令牌的真实性

I'm new to using rails as an api with an Emberjs front-end. I'm getting a 'Completed 422 Unprocessable Entity' and Can't verify CSRF token authenticity whenever I try to do a POST request

我看过几个帖子和解决方案说要插入这个函数

I've seen a couple of posts and solutions saying to insert this function

$(function() {
    var token = $('meta[name="csrf-token"]').attr('content');
    return $.ajaxPrefilter(function(options, originalOptions, xhr) {
        return xhr.setRequestHeader('X-CSRF-Token', token);
    });
});

在ember-cli项目中实施CSRF的适当位置在哪里？

Where is the appropriate place to implement CSRF in an ember-cli project?

更新：10/1/2015

我的app / adapters / application.js看起来像这样现在：

my app/adapters/application.js looks something like this now:

import DS from 'ember-data';

export default DS.ActiveModelAdapter.extend({
  headers: Ember.computed(function(){
    var token = Ember.$('meta[name="csrf-token"]').attr('content');

    return {"X-CSRF-Token": token};
  })
});

但是，我仍然收到相同的错误消息...

However, i'm still getting the same error messages...

推荐答案

最简单的解决方案是将其添加到您的清单文件中：

The easiest solution would be to add this to your manifest file:

#= require jquery-ujs

或者你可以扩展你的应用程序适配器， CSRF令牌：

Or you could extend your application adapter to always include CSRF token:

ApplicationAdapter = DS.RESTAdapter.extend
  headers:
    "X-CSRF-Token": $('meta[name="csrf-token"]').attr('content')

这篇关于Rails + Emberjs：无法验证CSRF令牌的真实性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！