dqxafj6830
2016-11-29 13:26
浏览 81
已采纳

使用表单数据添加laravel CSRF令牌

While uploading an image via wysiwyg editor I need to pass the Laravel CSRF token with the FormData(). But it seems like it fails or it does not add the csrf token using the append() method.

Here is my code:

  function uploadImage( image ) {
    var data = new FormData();
    data.append( "image", image );

    data.append( "csrfToken", Laravel.csrfToken ); // <- adding csrf token
    // Laravel.csrfToken will return the csrf token.

    console.log( data.entries() );
    $.ajax ({
      data: data,
      type: "POST",
      url: "/article/store/image",
      cache: false,
      contentType: false,
      processData: false,
      success: function(url) {
        var image = IMAGE_PATH + url;
          $( '#editor' ).summernote( "insertImage", image );
        },
        error: function( data ) {
          console.log( data );
        }
    });
  }

enter image description here

Its not adding the laravel csrf token with the form data because still I am getting an error

TokenMismatchException in VerifyCsrfToken.php line 68

How to add the token with the form data?

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

3条回答 默认 最新

  • duankuang1046 2016-11-29 13:31
    已采纳

    You should add a field named - _token, instead of csrfToken like this:

    data.append( "_token", Laravel.csrfToken ); // <- adding csrf token
    

    This is what Laravel's helper method - csrf_field() does.

    According to Laravel Docs, in case of Ajax calls - you could, for example, store the token in a HTML meta tag::

    <meta name="csrf-token" content="{{ csrf_token() }}">
    

    and then include in your ajax header like this:

    $.ajaxSetup({
       headers: {
           'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
       }
    });
    

    Hope this helps!

    已采纳该答案
    评论
    解决 无用
    打赏 举报
  • dongliao1949 2016-11-29 13:35

    For ajax requests, I like to set it up once with $.ajaxSetup.

    In my layout:

    <meta name="csrf-token" content="{{ csrf_token() }}">
    

    In my app.js:

    $.ajaxSetup({
        headers: {
            'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
        }
    });
    

    This saves me having to remember to append the _token input to every request.

    评论
    解决 无用
    打赏 举报
  • douyuefei3546 2016-11-29 13:41

    while @Saumya already answered this question, I use headers to send CSRF tokens like so:

    $.ajax ({
      data: data,
      type: "POST",
      headers: {'X-CSRF-TOKEN': Laravel.csrfToken },
      url: "/article/store/image",
      cache: false,
      contentType: false,
      processData: false,
      success: function(url) {
        var image = IMAGE_PATH + url;
          $( '#editor' ).summernote( "insertImage", image );
        },
        error: function( data ) {
          console.log( data );
        }
    });  
    

    If you are using ajax to send multiple requests throughout your application, you can set it up globally for every request at once:

    $.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': Laravel.csrfToken
    }
    });
    

    Learn more Here

    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题