Laravel5 csrf和ajax请求的问题

时间:2015-01-19 01:52:40

标签: ajax csrf laravel-5

我试图在laravel5中执行ajax请求,但它总是响应错误500。 这是我的代码

route.php

Route::post('manager/category/new', ['as' => 'category.store', 'uses' => 'CategoryController@store']);

HTML:

{!! Form::open(['id' => 'new-category-form']) !!} <div class="modal fade" id="new-category" tabindex="-1" role="dialog" aria-labelledby="new-category-label" aria-hidden="true">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                <h4 class="modal-title" id="new-category-label">New category</h4>
            </div>
            <div class="modal-body">
                <form>
                    <div class="form-group">
                        <label for="parent-category-id" id="parent-category-name" class="control-label">Parent category: &xxx</label>
                        <input type="hidden" class="form-control" id="parent-category-id" name="parent_category_id">
                    </div>
                    <div class="form-group">
                        <label for="category-name" class="control-label">Category name:</label>
                        <input type="text" class="form-control" id="category-name" name="category_name" />
                    </div>
                </form>
            </div>
            <div class="modal-footer">
                <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
                <button type="button" class="btn btn-primary">Add</button>
            </div>
        </div>
    </div> </div> {!! Form::close() !!}

JS:

$(document).ready(function(){
        $('#new-category').on('show.bs.modal', function (event) {
            var button = $(event.relatedTarget); // Button that triggered the modal
            var recipient = button.data('whatever');
            var modal = $(this);
            modal.find('#parent-category-name').html('Parent category: ' + recipient.name);
            modal.find('#parent-category-id').val(recipient.value);
            modal.find('.btn-primary').click(function(){
                console.log($('#new-category-form').serialize());
                console.log('{!!Session::token()!!}');
                $.ajax({
                    url: "{!!route('category.store')!!}",
                    context: $('#new-category-form').serialize(),
                    type: 'post'
                })
            });
        })
    });

我隐藏了“_token”及其匹配,但请求仍然失败

  

_token = Nt9S0uED4JZ7toALlGP6VY16w2aj4KCCENn0tapL &安培; parent_category_id = 0&安培; CATEGORY_NAME = 345345

     

session_token = Nt9S0uED4JZ7toALlGP6VY16w2aj4KCCENn0tapL

     

POST http://localhost:8000/manager/category/new 500(内部服务器   误差)

请帮助我:(

1 个答案:

答案 0 :(得分:0)

来自doc:

http://laravel.com/docs/master/routing#csrf-protection

“除了将CSRF令牌作为”POST“参数查找外,中间件还将检查X-CSRF-TOKEN请求标头。”

<meta name="csrf-token" content="{{ csrf_token() }}" />

$.ajaxSetup({
    headers: {
        'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
    }
});