跨域POST CSRF令牌查询

时间:2014-12-20 03:03:07

标签: javascript http-post roblox 

function crossDomainPost() {
  var iframe = document.createElement("iframe");
  var uniqueString = "CHANGE_THIS_TO_SOME_UNIQUE_STRING";
  document.body.appendChild(iframe);
  iframe.style.display = "none";
  iframe.contentWindow.name = uniqueString;

  var form = document.createElement("form");
  form.target = uniqueString;
  form.action = "http://www.roblox.com/groups/api/change-member-rank?groupId=1223714&newRoleSetId=8113155&targetUserId=58806949";
  form.method = "POST";

  // repeat for each parameter
  var input = document.createElement("input");
  input.type = "hidden";
  input.name = "INSERT_YOUR_PARAMETER_NAME_HERE";
  input.value = "INSERT_YOUR_PARAMETER_VALUE_HERE";
  form.appendChild(input);

  document.body.appendChild(form);
  form.submit();
}

crossDomainPost()

这是输出错误:

POST http://www.roblox.com/groups/api/change-member-rank?groupId=1223714&newRoleSetId=8113155&targetUserId=58806949 403 (XSRF Token Validation Failed)

我怎么能让它不弹出?

我对跨域POST请求非常陌生。

我不需要随身携带任何数据..

0 个答案:

没有答案
相关问题
最新问题