所有POST请求上的Laravel 4 CSRF

Been looking into laravel lately, and trying to figure out the CSRF protection that they have. However, i can't get it work. Is there any way i can validate all post request submitted, with the CSRF filter? I've seen that the laravel system has:

    App::before(function($request)
{
    //
});

How would i be able to use this with the CSRF filter? Been trying a few different things like

App::before(function($request)
{
    Route::filter('csrf','post');
});

But i'm probably way off here.. how would this work? or is it even possible doing it this way?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

7条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douwen1313 2013-06-27 00:02
关注
You can use route groups. This will apply the specified options to any routes defined in a group:

Route::group(array('before' => 'csrf'), function() { Route::post('/', function() { // Has CSRF Filter }); Route::post('user/profile', function() { // Has CSRF Filter }); Route::post(....); });

For certain routes, or if grouping isn't what you want, you can also use a pattern filter:

//all routes beginning with admin, sent via a post http request will use the csrf filter Route::when('admin/*', 'csrf', array('post'));

NOTE: this code would go in your routes.php file
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(6条)

报告相同问题？

关注问题

所有POST请求上的Laravel 4 CSRF csrf laravel php
2013-06-26 20:34

回答 7 已采纳 You can use route groups. This will apply the specified options to any routes defined in a group:
Laravel的CSRF令牌有哪些替代品？ javascript laravel php
2016-10-28 04:29

回答 2 已采纳 If your API uses an authentication scheme that does not depend on the authentication token being s
Laravel csrf令牌与ajax POST请求不匹配 ajax jquery laravel php
2015-09-23 11:47

回答 11 已采纳 You have to add data in your ajax request. I hope so it will be work. data: { "_token": "
Laravel - CSRF - 学习/实践
2020-08-12 14:36

宁小法的博客了解Laravel csrf的使用以及工作原理，以及更多的web攻击方式以及相应的防护措施。
如何在Laravel 5.2中使用Ajax进行CSRF保护 csrf jquery laravel php
2016-08-23 07:45

回答 2 已采纳 Try to set CSRF token in X-CSRF-TOKEN like, $.ajaxSetup({ headers: { 'X-CSRF-TOKEN':
Laravel执行GET而不是POST请求 ajax laravel php
2017-07-17 11:08

回答 3 已采纳 Try this code. $.ajax({ url: "{{ url('/manager/assign_orders') }}", type: 'POST', da
Laravel PHPUnit总是通过CSRF laravel php
2016-06-09 19:27

回答 1 已采纳 Have a look at the Illuminate\Foundation\Http\Middleware\VerifyCsrfToken class, especially the han
【PHP框架 | Laravel8 系列5】 - 视图与CSRF保护
2022-10-27 16:43

后端木木的博客 Laravel 视图与CSRF保护
使用表单数据添加laravel CSRF令牌 javascript laravel php
2016-11-29 13:26

回答 3 已采纳 You should add a field named - _token, instead of csrfToken like this: data.append( "_token", Lar
处理SAML POST并仍然在Laravel 5中维护CSRF laravel php
2017-03-28 22:41

回答 1 已采纳 You may exclude your endpoint by adding it to the $except property of the VerifyCsrfToken middlewa
在Laravel中更改CSRF失败HTTP响应代码 csrf laravel php
2017-01-18 10:45

回答 2 已采纳 You can override this through your App/Http/Middleware/VerifyCSRFToken.php file like so: <?php
使用laravel框架开发接口时ajax post请求报错419
2023-02-07 14:22

洪、的博客使用laravel框架开发接口时ajax post请求报错419。
Laravel - 从Ajax Post请求中获取数据 ajax javascript jquery laravel php
2017-09-02 21:44

回答 1 已采纳 You could add each file as a new input on your form, so that you have them separately on the back
使用laravel框架开发接口时post请求报错419，get请求正常
2021-12-28 17:40

程序猿无所畏惧的博客 get请求正常，但是post请求一直报错。H5和APP都不成功，code=419。首先确定路由已经配置正确 //后台分组 Route::group(['prefix'=>'admin', // 'middleware' => ['web'] ],function (){ Route::prefix('...
laravel框架中ajax的post请求报419(unknown status)
2023-01-11 14:55

top、cxy的博客 laravel框架中ajax的post请求报419(unknown status)
没有解决我的问题, 去提问

悬赏问题

¥20 wireshark抓不到vlan
¥20 关于#stm32#的问题：需要指导自动酸碱滴定仪的原理图程序代码及仿真
¥20 设计一款异域新娘的视频相亲软件需要哪些技术支持
¥15 stata安慰剂检验作图但是真实值不出现在图上
¥15 c程序不知道为什么得不到结果
¥40 复杂的限制性的商函数处理
¥15 程序不包含适用于入口点的静态Main方法
¥15 素材场景中光线烘焙后灯光失效
¥15 请教一下各位，为什么我这个没有实现模拟点击
¥15 执行 virtuoso 命令后，界面没有，cadence 启动不起来

所有POST请求上的Laravel 4 CSRF

7条回答 默认 最新

悬赏问题

7条回答默认最新