{"id":171,"date":"2023-02-19T19:02:38","date_gmt":"2023-02-19T11:02:38","guid":{"rendered":"https:\/\/www.appblog.cn\/?p=171"},"modified":"2023-02-19T19:02:42","modified_gmt":"2023-02-19T11:02:42","slug":"laravel-csrf-protection","status":"publish","type":"post","link":"https:\/\/www.appblog.cn\/index.php\/2023\/02\/19\/laravel-csrf-protection\/","title":{"rendered":"Laravel CSRF Protection"},"content":{"rendered":"

\u5b98\u65b9\u6587\u6863\uff1ahttps:\/\/laravel.com\/docs\/5.5\/csrf<\/a><\/p>\n

\u5ba2\u6237\u7aef\u8bf7\u6c42\u8bbe\u7f6e<\/h2>\n

\u8868\u5355\u6dfb\u52a0\u9690\u85cf\u57df<\/p>\n

<\/p>\n

<form method="POST" action="\/profile">\n    {{ csrf_field() }}\n    ...\n<\/form><\/code><\/pre>\n
AJAX\u8bbe\u7f6e<\/p>\n
<meta name="csrf-token" content="{{ csrf_token() }}">\n\n$.ajaxSetup({\n    headers: {\n        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')\n    }\n});<\/code><\/pre>\n
\u8bbe\u7f6e\u6392\u9664CSRF\u8ba4\u8bc1\u7684\u8def\u7531<\/h2>\n
app\/Http\/Middleware\/VerifyCsrfToken.php<\/code><\/p>\n
class VerifyCsrfToken extends BaseVerifier\n{\n    \/**\n     * The URIs that should be excluded from CSRF verification.\n     *\n     * @var array\n     *\/\n    protected $except = [\n        '\/api\/*',\n    ];\n}<\/code><\/pre>\n
\u5173\u95edCSRF\u8ba4\u8bc1<\/h2>\n
Laravel\u9ed8\u8ba4\u662f\u5f00\u542f\u4e86CSRF\u529f\u80fd\uff0c\u9700\u8981\u5173\u95ed\u6b64\u529f\u80fd\u6709\u4e24\u79cd\u65b9\u6cd5\uff1a<\/p>\n
\u65b9\u6cd5\u4e00<\/h3>\n
\u6253\u5f00\u6587\u4ef6\uff1aapp\\Http\\Kernel.php<\/code>\uff0c\u628a\u8fd9\u884c\u6ce8\u91ca\u6389\uff1a<\/p>\n
'App\\Http\\Middleware\\VerifyCsrfToken'<\/code><\/pre>\n
\u65b9\u6cd5\u4e8c<\/h3>\n
\u6253\u5f00\u6587\u4ef6\uff1aapp\\Http\\Middleware\\VerifyCsrfToken.php<\/code>\uff0c\u4fee\u6539\u4e3a\uff1a<\/p>\n
<?php namespace App\\Http\\Middleware;\n\nuse Closure;\nuse Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken as BaseVerifier;\n\nclass VerifyCsrfToken extends BaseVerifier {\n\n    \/**\n     * Handle an incoming request.\n     *\n     * @param  \\Illuminate\\Http\\Request  $request\n     * @param  \\Closure  $next\n     * @return mixed\n     *\/\n    public function handle($request, Closure $next)\n    {\n        \/\/ \u4f7f\u7528CSRF\n        \/\/return parent::handle($request, $next);\n        \/\/ \u7981\u7528CSRF\n        return $next($request);\n    }\n\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u5b98\u65b9\u6587\u6863\uff1ahttps:\/\/laravel.com\/docs\/5.5\/csrf \u5ba2\u6237\u7aef\u8bf7\u6c42\u8bbe\u7f6e \u8868\u5355\u6dfb\u52a0\u9690\u85cf\u57df  […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[72],"class_list":["post-171","post","type-post","status-publish","format-standard","hentry","category-laravel","tag-laravel"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=171"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/171\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}