CakePHP的AJAX POST请求导致400响应(黑洞)

时间:2013-12-05 20:48:59

标签: jquery ajax cakephp ssl

我刚刚在运行Cake 2.3.8应用程序的Ubuntu 12.04 apache2服务器上添加了SSL。我确保在每次调用前添加https:// ...并使用grep确认。没有我知道的阻止脚本。当我尝试使用AJAX从JS文件向我的服务器发出AJAX后请求时,我收到类似

的错误 
The request has been black-holed
Error: The requested address '/sorts/available_spaces' was not found on this server.

在我的JS文件中,我发出了POST请求

$.post("https://www.mywebsite.com/sorts/available_spaces",{'customerID' : self.customerID, 'arrivalDate' : self.arrivalDate},function(data) {
    data = JSON.parse(data);
    for(i=0;i<data.length;i++){
        self.roomNumberList.push({spaceNumber: data[i].spaceNumber, roomID: data[i].roomID});
    }
});

在我的SortsController中,我甚至尝试设置访问控制源以允许所有内容和禁用安全性(暂时),但我仍然得到黑洞请求

//SortsController

var $components = array('Security');

public function beforeFilter(){
    $this->response->header('Access-Control-Allow-Origin', '*');
    $this->Security->unlockedActions = array('available_spaces', check_reservation');
    $this->Auth->allow('available_spaces','check_reservation');
    $this->Security->csrfCheck = false;
    $this->Security->validatePost = false;
    parent::beforeFilter();
}

即使在available_spaces方法中,也没有调用其他方法或SortsController之外的任何方法。我的Sort模型中没有任何内容,我的AppController中根本没有调用安全性。

这是堆栈跟踪。除了路由之外,我甚至没有看到SortsController或方法。

 CORE/Cake/Controller/Component/SecurityComponent.php line 241 → SecurityComponent->blackHole(SortsController, string)
[internal function] → SecurityComponent->startup(SortsController)
CORE/Cake/Utility/ObjectCollection.php line 132 → call_user_func_array(array, array)
[internal function] → ObjectCollection->trigger(CakeEvent)
CORE/Cake/Event/CakeEventManager.php line 248 → call_user_func(array, CakeEvent)
CORE/Cake/Controller/Controller.php line 675 → CakeEventManager->dispatch(CakeEvent)
CORE/Cake/Routing/Dispatcher.php line 184 → Controller->startupProcess()
CORE/Cake/Routing/Dispatcher.php line 162 → Dispatcher->_invoke(SortsController, CakeRequest, CakeResponse)
APP/webroot/index.php line 118 → Dispatcher->dispatch(CakeRequest, CakeResponse)

1 个答案:

答案 0 :(得分:6)

预计通过Ajax发布的帖子不会与启用的安全组件一起使用。

根据http://whatswhat.no/development/framework/cakephp-2/465-making-a-jquery-ajax-call-with-security-component-activated-in-cakephp-2,您需要将您的操作添加到安全组件的未锁定操作中:

public function beforeFilter() {
        parent::beforeFilter();
        $this->Security->unlockedActions = array('ajax_action');
}
相关问题
最新问题