dqxafj6830 2016-11-29 13:26
浏览 87
已采纳

使用表单数据添加laravel CSRF令牌

While uploading an image via wysiwyg editor I need to pass the Laravel CSRF token with the FormData(). But it seems like it fails or it does not add the csrf token using the append() method.

Here is my code:

  function uploadImage( image ) {
    var data = new FormData();
    data.append( "image", image );

    data.append( "csrfToken", Laravel.csrfToken ); // <- adding csrf token
    // Laravel.csrfToken will return the csrf token.

    console.log( data.entries() );
    $.ajax ({
      data: data,
      type: "POST",
      url: "/article/store/image",
      cache: false,
      contentType: false,
      processData: false,
      success: function(url) {
        var image = IMAGE_PATH + url;
          $( '#editor' ).summernote( "insertImage", image );
        },
        error: function( data ) {
          console.log( data );
        }
    });
  }

enter image description here

Its not adding the laravel csrf token with the form data because still I am getting an error

TokenMismatchException in VerifyCsrfToken.php line 68

How to add the token with the form data?

  • 写回答

3条回答 默认 最新

  • duankuang1046 2016-11-29 13:31
    关注

    You should add a field named - _token, instead of csrfToken like this:

    data.append( "_token", Laravel.csrfToken ); // <- adding csrf token

    This is what Laravel's helper method - csrf_field() does.

    According to Laravel Docs, in case of Ajax calls - you could, for example, store the token in a HTML meta tag::

    <meta name="csrf-token" content="{{ csrf_token() }}">

    and then include in your ajax header like this:

    $.ajaxSetup({
   headers: {
       'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
   }
});

    Hope this helps!

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
  • dongliao1949 2016-11-29 13:35
    关注

    For ajax requests, I like to set it up once with $.ajaxSetup.

    In my layout:

    <meta name="csrf-token" content="{{ csrf_token() }}">

    In my app.js:

    $.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});

    This saves me having to remember to append the _token input to every request.

    评论
  • douyuefei3546 2016-11-29 13:41
    关注

    while @Saumya already answered this question, I use headers to send CSRF tokens like so:

    $.ajax ({
  data: data,
  type: "POST",
  headers: {'X-CSRF-TOKEN': Laravel.csrfToken },
  url: "/article/store/image",
  cache: false,
  contentType: false,
  processData: false,
  success: function(url) {
    var image = IMAGE_PATH + url;
      $( '#editor' ).summernote( "insertImage", image );
    },
    error: function( data ) {
      console.log( data );
    }
});

    If you are using ajax to send multiple requests throughout your application, you can set it up globally for every request at once:

    $.ajaxSetup({
headers: {
    'X-CSRF-TOKEN': Laravel.csrfToken
}
});

    Learn more Here

    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥60 悬赏求解,通过实时现场摄像头的视频图像识别其他对家打出的麻将牌,识别麻将牌,识别牌墙位置,通过识别对家打出了什么牌
  • ¥15 关于#GPU jetson#的pcie驱动开发问题,如何解决?
  • ¥15 stm32f103zet6 串口5无法收发数据
  • ¥15 关于C语言使用线程队列实现多线程并发
  • ¥15 这个运行,错误在哪里呀,大家看看吧,教导我
  • ¥15 advanceinstaller对话框设置
  • ¥100 正常上网,内部网页无法打开
  • ¥15 组件库引入并使用在若依框架未展示
  • ¥149 关于#使用python 的Flash Echarts+ajax+mysql动态数据实现饼图#的问题,请各位专家解答!
  • ¥15 RichTextBox中追加文本时报错