Question

我正在 localhost:3000 上运行带有 clojure 的服务器。服务器与客户端对话，这是一个使用 axios 与服务器对话的本机应用程序。但是，与服务器的通信返回 403 错误。

调用服务器：


export const invest = (itemid, amount) => async dispatch => {
  console.log("investing in actions")
   const domain = 'localhost:3000'
  const res = axios.post(domain + '/api/invest', {itemid: itemid, amount: amount});
  console.log("response is", res)
  dispatch({ type: INVESTED, payload:res.data});
}

Server 包含一个名为“/api/invest”的 reitit 路由，该路由将调用一个名为 features/invest 的函数。但相反，我在客户端收到 403 错误：

(ns humboiserver.routes.home
  (:require
   [humboiserver.layout :as layout]
   [clojure.java.io :as io]
   [humboiserver.middleware :as middleware]
   [ring.util.response]
   [ring.util.http-response :as response]
   [humboiserver.routes.featured :as featured]))

(defn home-page [request]
  (layout/render request "home.html" {:docs (-> "docs/docs.md" io/resource slurp)}))

(defn about-page [request]
  (layout/render request "about.html"))

(defn home-routes []
  [""
   {:middleware [middleware/wrap-csrf
                 middleware/wrap-formats]}
   ["/" {:get home-page}]
   ["/api"
    ["/about" {:get about-page}]
    ["/featured" featured/get-featured]
    ["/invest" featured/invest]
    ]
   ])

即使是投资的 prn 语句也不会打印在日志中。

;; featured/invest function.
(defn response [data & [status]]
  {:status (or status 200)
   :headers {"Content-Type" "application/json"
             "Access-Control-Allow-Headers" "Content-Type"
             "Access-Control-Request-Method" "GET, OPTIONS"
             "Access-Control-Allow-Origin" "*"
             "Access-Control-Allow-Credentials" true
             }
   :body (pr-str data)})


(defn invest [req]
  (prn "invested")
  (response (db/find "featured" {})))

403 错误：

[Warning] Possible Unhandled Promise Rejection (id: 0): (AppEntry.bundle, line 42288)
Error: Request failed with status code 403
createError@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:156390:26
settle@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:156380:25
handleLoad@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:156280:15
dispatchEvent@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:32753:31
setReadyState@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:31822:27
__didCompleteResponse@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:31653:29
emit@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:7566:42
__callFunction@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:3195:36
http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:2927:31
__guard@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:3149:15
callFunctionReturnFlushedQueue@http://127.0.0.1:19000/node_modules/expo/AppEntry.bundle?platform=ios&dev=true&hot=false&minify=false:2926:21
callFunctionReturnFlushedQueue@[native code]
http://localhost:19000/debugger-ui/debuggerWorker.aca173c4.js:4:907

如何修复这个错误？

Answer 1

嗨，如果我没记错的话，你需要发送一个防伪令牌......

https://github.com/ring-clojure/ring-anti-forgery

您可以使用 curl 来测试通过命令行访问您的服务器

向服务器发送请求时出现 403 错误。服务器包含核心标头

1 个答案: