dtwr2012
2014-12-08 07:50
浏览 50
已采纳

CSRF令牌附加到请求

I have an OpenCart shop running on two different servers (development and staging of the exact same site). On Server #1 everything is working as expected, but on Server #2 I'm all of a sudden seeing the parameter CSRF_TOKEN=xxxxxxx appended to various but not all URLs.

Where is this coming from???

For example, if I press the "Add to cart"-button jQuery throws the following exception: Error: Syntax error, unrecognized expression: ?CSRF_TOKEN=xxxxxxx

I'm also getting a bunch of other errors, all due to this mysterious CSRF_TOKEN. If I hover over certain links, I see the the CSRF_TOKEN as part of the URL but it's not in the source code but somehow ends up in client.

I´m running Apache version 2.2.29 and PHP 5.4.32. I have no idea where this is coming from or what to do about it - Any ideas on what is going on here?

图片转代码服务由CSDN问答提供 功能建议

我在两个不同的服务器上运行OpenCart商店(开发和分段完全相同的站点)。 在服务器#1上,一切都按预期工作,但在服务器#2上,我突然看到参数CSRF_TOKEN = xxxxxxx附加到各种但不是所有URL。

这是来自哪里?

例如,如果我按下“添加到购物车” - 按钮jQuery会抛出以下异常: 错误:语法错误,无法识别的表达式:?CSRF_TOKEN = xxxxxxx

由于这个神秘的CSRF_TOKEN,我也遇到了一堆其他错误。 如果我将鼠标悬停在某些链接上, 我看到CSRF_TOKEN是URL的一部分,但它不在源代码中,但不知何故最终在客户端。

我正在运行Apache 2.2.29和PHP 5.4.32。 我不知道这是从哪里来的或者该怎么办 - 关于这里发生了什么的任何想法?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • douye2572 2014-12-09 09:00
    已采纳

    My hosting provider confirmed that it was an security rule on the server causing the issue and helped me resolve it.

    点赞 打赏 评论

相关推荐 更多相似问题