Rails:CSRF令牌不能正常工作,但设置 [英] Rails: CSRF token not working but setup
本文介绍了Rails:CSRF令牌不能正常工作,但设置的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在heroku上有我的rails 3应用程序,并且当我发送银行信息时,我得到:警告:无法验证CSRF令牌真实性但我的CSRF令牌已设置。 https://gist.github.com/anonymous/7081401
$。ajax({url:'#{credit_cards_path}',
类型:'POST',
beforeSend:function(xhr) {xhr.setRequestHeader('X-CSRF-Token','#{form_authenticity_token}')},
dataType:json,
data:{cc_uri:response.data.uri,
地址:$('。address')。val()
// etc ...
},
成功:函数(randomobject){
window.location =' / products /'+ randomobject.value +'/ receipt';
}
});
heroku日志
829962 + 00:00 app [web.1]:开始POST/ products / 2 / card为100.2.109.97于2013-10-21 09:13:03 +0000
835379+ 00:00 app [web.1]:警告:无法验证CSRF令牌的真实性
834929 + 00:00 app [web.1]:将CreditcardsController#addcard处理为HTML
834929 + 00: 00 app [web.1]:参数:{state=>NY,id=>2}
604099 + 00:00 heroku [router]:at = info method = POST path = / products / 2 / card host = app.herokuapp.com fwd =100.2.109.97dyno = web.1 connect = 1ms service = 1781ms status = 500 bytes = 643
604259 + 00:00 app [web.1]:
602739 + 00:00 app [web.1]:在1768ms内完成500次内部服务器错误
604259 + 00:00应用[web.1]:Balanced :: BadRequest( Balanced :: BadRequest(400):: Bad Request :: POST https://api.balancedpayments.com/v1/customers:request:无效字段[card_uri] - None必须是字符串URI您的请求ID为OHMfe86f2883a3011e3980d02a1fe53e539。 ):
#{form_authenticity_token}有关
根据此源警告:无法验证CSRF令牌真实性轨道 a>您应该可以使用此代码:
根据此源警告:无法验证CSRF令牌真实性轨道 a>您应该可以使用此代码:
标题:{
'X-Transaction':'POST示例',
'X-CSRF-Token':$('meta [name =csrf-token]')。attr('content')
},
I have my rails 3 app on heroku and when I send bank info I get: WARNING: Can't verify CSRF token authenticity but my CSRF token is set up. https://gist.github.com/anonymous/7081401
$.ajax({ url: '#{credit_cards_path}',
type: 'POST',
beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', '#{form_authenticity_token}')},
dataType: "json",
data: { cc_uri: response.data.uri,
address: $('.address').val()
// etc ...
},
success: function(randomobject) {
window.location = '/products/' + randomobject.value + '/receipt';
}
});
heroku logs
829962+00:00 app[web.1]: Started POST "/products/2/card" for 100.2.109.97 at 2013-10-21 09:13:03 +0000
835379+00:00 app[web.1]: WARNING: Can't verify CSRF token authenticity
834929+00:00 app[web.1]: Processing by CreditcardsController#addcard as HTML
834929+00:00 app[web.1]: Parameters: {"state"=>"NY", "id"=>"2"}
604099+00:00 heroku[router]: at=info method=POST path=/products/2/card host=app.herokuapp.com fwd="100.2.109.97" dyno=web.1 connect=1ms service=1781ms status=500 bytes=643
604259+00:00 app[web.1]:
602739+00:00 app[web.1]: Completed 500 Internal Server Error in 1768ms
604259+00:00 app[web.1]: Balanced::BadRequest (Balanced::BadRequest(400)::Bad Request:: POST https://api.balancedpayments.com/v1/customers: request: Invalid field [card_uri] - "None" must be a string URI Your request id is OHMfe86f2883a3011e3980d02a1fe53e539. ):
解决方案
Might be to do with your use of #{form_authenticity_token}
According to this source WARNING: Can't verify CSRF token authenticity rails you should be able to use this code:
headers: {
'X-Transaction': 'POST Example',
'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
},
这篇关于Rails:CSRF令牌不能正常工作,但设置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
