有没有一种方法可以检查用户是否没有操纵表格?在我的表单中,我获得了所有可用的条目,但是如果用户在浏览器中更改值id,我只会得到一个错误。任何提示:)?
WebDriver driver;
ChromeDriverService driverService = ChromeDriverService.createDefaultService();
try {
driver = new ChromeDriver(driverService, options);
}catch(Throwable t) {
APP_LOGS.error(t.getMessage());
t.printStackTrace();
}
driver.manage().timeouts().implicitlyWait(30, TimeUnit.SECONDS);
/**** DOWNLOAD HACK ON HEADLESS BROWSERS *****/
Map<String, Object> commandParams = new HashMap<>();
commandParams.put("cmd", "Page.setDownloadBehavior");
Map<String, String> params = new HashMap<>();
params.put("behavior", "allow");
params.put("downloadPath", downloadFilepath);
commandParams.put("params", params);
ObjectMapper objectMapper = new ObjectMapper();
HttpClient httpClient = HttpClientBuilder.create().build();
try {
String command = objectMapper.writeValueAsString(commandParams);
String u = driverService.getUrl().toString() + "/session/" + ((RemoteWebDriver)driver).getSessionId() + "/chromium/send_command";
APP_LOGS.debug(u);
HttpPost request = new HttpPost(u);
request.addHeader("content-type", "application/json");
request.setEntity(new StringEntity(command));
httpClient.execute(request);
}catch (Exception e) {
APP_LOGS.debug(e.getMessage());
}
答案 0 :(得分:0)
您可以选择只读
<select name="product_id" class="form-control" required readonly>
但是用户可以通过devtools更改html
您也可以像这样在后端进行检查
if ($products->pluck('id')->diff(request()->input('product_id'))->empty()) {
//not changed
}
答案 1 :(得分:0)
您可以使用规则来验证接收到的数据,例如:
use Illuminate\Validation\Rule;
Validator::make($data, [
'product_id' => [
'required',
Rule::in([/*array of products ids here*/]),
],
]);
看看https://laravel.com/docs/5.8/validation#rule-in
您可以使用存在的方式:
Validator::make($data, [
'product_id' => [
'required',
'exists:table_name,column_name'
],
]);