TokenMismatch只有某些浏览器 - Laravel 5 Fresh / Production

时间:2015-04-01 00:22:06

标签: php session laravel browser

一个示例浏览器: IE 11:Mozilla / 5.0(Windows NT 6.1; WOW64; Trident / 7.0; rv:11.0),如Gecko

会议于22:46:56开始。填写表格。在22:53:18提交表格,得到TokenMismatchException。所以只有6分钟后。

会话开始:

Apr 02 22:46:56 production.INFO: Session {"start":1428040016,"id":"8040cc779df0330855f8fa30483af63557aaf9c4","token":"L3nU4ehseV5w1iXy86g18FsgnVs6sAcDNjTUZ5QV","ip":"74.XX","method":"GET","url":"https://sub.domain.com/place-st","ua":"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"} []

用户在6分钟后提交表格:

Apr 02 22:53:18 production.DEBUG: REQUEST SESSION token: 8L3pba9ALBVBcrvIPM5wnTl7bP0slSIrjCAkfWzh [] [] Apr 02 22:53:18 production.DEBUG: REQUEST INPUT _token: L3nU4ehseV5w1iXy86g18FsgnVs6sAcDNjTUZ5QV [] [] Apr 02 22:53:18 production.DEBUG: REQUEST HEADER X-CSRF-TOKEN: [] [] Apr 02 22:53:18 production.DEBUG: REQUEST HEADER X-XSRF-TOKEN: [] [] Apr 02 22:53:18 production.DEBUG: REQUEST URL: https://sub.domain.com/requests/post [] []

服务器Vars:

Apr 02 22:53:18 production.DEBUG: array ( 'USER' => 'forge', 'HOME' => '/home/forge', 'FCGI_ROLE' => 'RESPONDER', 'APP_ENV' => 'production', 'QUERY_STRING' => '', 'REQUEST_METHOD' => 'POST', 'CONTENT_TYPE' => 'application/x-www-form-urlencoded', 'CONTENT_LENGTH' => '867', 'SCRIPT_FILENAME' => '/home/forge/doamin.com/public/index.php', 'SCRIPT_NAME' => '/index.php', 'REQUEST_URI' => '/requests/post', 'DOCUMENT_URI' => '/index.php', 'DOCUMENT_ROOT' => '/home/forge/doamin.com/public', 'SERVER_PROTOCOL' => 'HTTP/1.1', 'GATEWAY_INTERFACE' => 'CGI/1.1', 'SERVER_SOFTWARE' => 'nginx/1.6.2', 'REMOTE_ADDR' => '74.XX', 'REMOTE_PORT' => '56563', 'SERVER_ADDR' => '104.XX', 'SERVER_PORT' => '443', 'SERVER_NAME' => 'doamin.com', 'HTTPS' => 'on', 'REDIRECT_STATUS' => '200', 'HTTP_ACCEPT' => 'text/html, application/xhtml+xml, */*', 'HTTP_REFERER' => 'https://sub.domain.com/place-st', 'HTTP_ACCEPT_LANGUAGE' => 'en-US', 'HTTP_USER_AGENT' => 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko', 'HTTP_CONTENT_TYPE' => 'application/x-www-form-urlencoded', 'HTTP_ACCEPT_ENCODING' => 'gzip, deflate', 'HTTP_HOST' => 'sub.domain.com', 'HTTP_CONTENT_LENGTH' => '867', 'HTTP_CONNECTION' => 'Keep-Alive', 'HTTP_CACHE_CONTROL' => 'no-cache', 'PHP_SELF' => '/index.php', 'REQUEST_TIME_FLOAT' => 1428040398.7879851, 'REQUEST_TIME' => 1428040398, ) [] []

会话/曲奇

Apr 02 22:53:18 production.DEBUG: REQUEST PATH: requests/post [] [] Apr 02 22:53:18 production.DEBUG: COOKIE: array ( ) [] [] Apr 02 22:53:18 production.DEBUG: SESSION: array ( '_token' => '8L3pba9ALBVBcrvIPM5wnTl7bP0slSIrjCAkfWzh', ) [] []

HTTP请求:

Apr 02 22:53:18 production.DEBUG: POST /requests/post HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Encoding: gzip, deflate Accept-Language: en-US Cache-Control: no-cache Connection: Keep-Alive Content-Length: 867 Content-Type: application/x-www-form-urlencoded Host: sub.domain.com Referer: https://sub.domain.com/place-st User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko _token=L3nU4ehseV5w1iXy86g18FsgnVs6sAcDNjTUZ5QV&var=value&var2=value2&etc... [] []

3 个答案:

答案 0 :(得分:1)

这听起来很多就像Laravel的这个已知问题一样:https://github.com/laravel/framework/issues/8172

原因尚不清楚,而且已经持续了一段时间。有很多聪明人在研究它 - 但问题的明显随机性使得调试变得困难。

我建议您将您的信息提供给该机票,并留意那里以获取更多信息。具体而言,我们需要尽可能多的有关您的服务器配置和应用配置的信息 - 因此我们可以尝试复制该问题。到目前为止,复制的确切方法尚不清楚,难以修复。

答案 1 :(得分:0)

该问题很可能与浏览器无关。我相信有些人等了太久,会议到期了。提交带有过期会话的表单后,会发生TokenMismatchException。

对于调试,您可以在创建每个会话时保存到日志,以查看它是否应该过期,您还可以在session.php中使用会话生存期

答案 2 :(得分:0)

这可能是一个长镜头,但问题的根源可能是IE的兼容模式和使用这些模式的不同会话。

你可以尝试在get和post页面上添加这一行:

header("X-UA-Compatible: IE=Edge");
相关问题
最新问题