当有人向disqus评论主题中的博客帖子发帖评论时,我正尝试向作者发送通知。在laravel中,我试图在filters.php中过滤csrf标记和ajax调用的csrf标记:
Route::filter('csrf_header', function()
{
if (Session::token() != Request::header('x-csrf-token'))
{
throw new Illuminate\Session\TokenMismatchException;
}
});
Route::filter('csrf', function()
{
if (Session::token() != Input::get('_token'))
{
throw new Illuminate\Session\TokenMismatchException;//line 126
}
});
当我发表评论时,我得到了:
{"error":{"type":"Illuminate\\Session\\TokenMismatchException","message":"","file":"\/home\/ytsejam\/public\/sirtcantalilar.com\/app\/filters.php","line":126}}
我尝试发表以下评论: 在view-post.blade.php中我添加了
<meta name="token" content="{{ Session::token() }}">
<script type="text/javascript">
var disqus_config = function() {
this.callbacks.onNewComment = [function(comment) {
$.ajax({
url: '/sendnotification',
type: 'POST',
headers: {
'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
},
data: { comment: comment.id, post:{{$post->id}}",author:"$post->author->id"},
dataType: 'JSON',
beforeSend: function(request) {
return request.setRequestHeader("X-CSRF-Token", $("meta[name='token']").attr('content'));
},
success: function(ev) {
},
error: function(xhr, error, status) {
}
});
}];
};
</script>
答案 0 :(得分:1)
经过很长一段时间,没有人回答我的问题,你可以用注释中的要点解决这个问题,其他选项是使用jquery:
$(function() {
$.ajaxSetup({
headers: {
'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
}
});
});
var disqus_config = function() {
this.callbacks.onNewComment = [function(comment) {
$.ajax({
url: '/sendnotification',
type: 'POST',
data: { comment: comment.id, post: "{{$post->id}}",author:"{{$author->id}}"},
dataType: 'JSON',
async: true,
success: function(data){
process(data)
}
});
}];
};
并在head部分添加csrf标记:
<meta name="csrf-token" content="<?= csrf_token() ?>">