所有POST请求上的Laravel 4 CSRF

Been looking into laravel lately, and trying to figure out the CSRF protection that they have. However, i can't get it work. Is there any way i can validate all post request submitted, with the CSRF filter? I've seen that the laravel system has:

    App::before(function($request)
{
    //
});

How would i be able to use this with the CSRF filter? Been trying a few different things like

App::before(function($request)
{
    Route::filter('csrf','post');
});

But i'm probably way off here.. how would this work? or is it even possible doing it this way?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

7条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douwen1313 2013-06-27 00:02
关注
You can use route groups. This will apply the specified options to any routes defined in a group:

Route::group(array('before' => 'csrf'), function() { Route::post('/', function() { // Has CSRF Filter }); Route::post('user/profile', function() { // Has CSRF Filter }); Route::post(....); });

For certain routes, or if grouping isn't what you want, you can also use a pattern filter:

//all routes beginning with admin, sent via a post http request will use the csrf filter Route::when('admin/*', 'csrf', array('post'));

NOTE: this code would go in your routes.php file
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(6条)

报告相同问题？

关注问题

所有POST请求上的Laravel 4 CSRF csrf laravel php
2013-06-26 20:34

回答 7 已采纳 You can use route groups. This will apply the specified options to any routes defined in a group:
Laravel的CSRF令牌有哪些替代品？ javascript laravel php
2016-10-28 04:29

回答 2 已采纳 If your API uses an authentication scheme that does not depend on the authentication token being s
Laravel csrf令牌与ajax POST请求不匹配 ajax jquery laravel php
2015-09-23 11:47

回答 11 已采纳 You have to add data in your ajax request. I hope so it will be work. data: { "_token": "
Laravel - CSRF - 学习/实践
2020-08-12 14:36

宁小法的博客了解Laravel csrf的使用以及工作原理，以及更多的web攻击方式以及相应的防护措施。
如何在Laravel 5.2中使用Ajax进行CSRF保护 csrf jquery laravel php
2016-08-23 07:45

回答 2 已采纳 Try to set CSRF token in X-CSRF-TOKEN like, $.ajaxSetup({ headers: { 'X-CSRF-TOKEN':
Laravel执行GET而不是POST请求 ajax laravel php
2017-07-17 11:08

回答 3 已采纳 Try this code. $.ajax({ url: "{{ url('/manager/assign_orders') }}", type: 'POST', da
Laravel PHPUnit总是通过CSRF laravel php
2016-06-09 19:27

回答 1 已采纳 Have a look at the Illuminate\Foundation\Http\Middleware\VerifyCsrfToken class, especially the han
【PHP框架 | Laravel8 系列5】 - 视图与CSRF保护
2022-10-27 16:43

后端木木的博客 Laravel 视图与CSRF保护
使用表单数据添加laravel CSRF令牌 javascript laravel php
2016-11-29 13:26

回答 3 已采纳 You should add a field named - _token, instead of csrfToken like this: data.append( "_token", Lar
处理SAML POST并仍然在Laravel 5中维护CSRF laravel php
2017-03-28 22:41

回答 1 已采纳 You may exclude your endpoint by adding it to the $except property of the VerifyCsrfToken middlewa
在Laravel中更改CSRF失败HTTP响应代码 csrf laravel php
2017-01-18 10:45

回答 2 已采纳 You can override this through your App/Http/Middleware/VerifyCSRFToken.php file like so: <?php
使用laravel框架开发接口时ajax post请求报错419
2023-02-07 14:22

洪、的博客使用laravel框架开发接口时ajax post请求报错419。
Laravel - 从Ajax Post请求中获取数据 ajax javascript jquery laravel php
2017-09-02 21:44

回答 1 已采纳 You could add each file as a new input on your form, so that you have them separately on the back
laravel+vue项目前后端分离CSRF_TOKEN设置
2020-05-21 19:35

Lin檬不酸的博客 laravel+vue项目前后端分离CSRF_TOKEN设置一般laravel项目的CSRF_TOKEN的设置都在blade.html中设置为了更方便的管理项目，采用了前后端分离，分别独立管理。在进行数据交互的时候遇到了CSRF_TOKEN相关设置的问题。 ...
laravel框架中ajax的post请求报419(unknown status)
2023-01-11 14:55

top、cxy的博客 laravel框架中ajax的post请求报419(unknown status)
没有解决我的问题, 去提问

悬赏问题

¥15 #MATLAB仿真#车辆换道路径规划
¥15 java 操作 elasticsearch 8.1 实现索引的重建
¥15 数据可视化Python
¥15 要给毕业设计添加扫码登录的功能！！有偿
¥15 kafka 分区副本增加会导致消息丢失或者不可用吗？
¥15 微信公众号自制会员卡没有收款渠道啊
¥15 stable diffusion
¥100 Jenkins自动化部署—悬赏100元
¥15 关于#python#的问题：求帮写python代码
¥20 MATLAB画图图形出现上下震荡的线条

所有POST请求上的Laravel 4 CSRF

7条回答 默认 最新

悬赏问题

7条回答默认最新