weixin_33671935 2017-08-20 01:19 采纳率: 0%
浏览 31

AJAX只工作一次

I did a modal with a login form and the submit through a POST AJAX request. I only can login one time, when I logout and try to login again the error message of AJAX request is this (CSRF failed):

Prohibido (403)
Verificación CSRF fallida. Solicitud abortada

The login only works again if I refresh the whole page pressing F5. After the success on the login I refresh only the header, not the whole page. My refresh code is this:

$('#update-' + idToUpdate).load(' #' + idToUpdate);

EDIT: I discovered that the CSRF token only works one time after a success request. I have to generate a new token for the form to work again, and this token only get update if I refresh the whole page pressing F5, and that is just what I do not want to do.

Any solution for this problem? I would not like to do AJAX requests to update the CSRF token, that is not secure.

  • 写回答

2条回答 默认 最新

  • weixin_33709609 2017-08-20 14:37
    关注

    I found a solution. Insert all the ids of the forms with the CSRF token in my function $('#update-' + idToUpdate).load(' #' + idToUpdate); after the success request. This do a partial async F5 refresh of the forms, so all the CSRF tokens get update and I can do new requests.

    评论

报告相同问题?

悬赏问题

  • ¥15 求解 yolo算法问题
  • ¥15 虚拟机打包apk出现错误
  • ¥30 最小化遗憾贪心算法上界
  • ¥15 用visual studi code完成html页面
  • ¥15 聚类分析或者python进行数据分析
  • ¥15 三菱伺服电机按启动按钮有使能但不动作
  • ¥15 js,页面2返回页面1时定位进入的设备
  • ¥50 导入文件到网吧的电脑并且在重启之后不会被恢复
  • ¥15 (希望可以解决问题)ma和mb文件无法正常打开,打开后是空白,但是有正常内存占用,但可以在打开Maya应用程序后打开场景ma和mb格式。
  • ¥20 ML307A在使用AT命令连接EMQX平台的MQTT时被拒绝