FOSRestBundle 和无效形式的 CRF 令牌
FOSRestBundle & invalid form CRF token
我正在尝试实现 FOSRestBundle 和 Symfony 表单。
我找到了这个 tutorial but I have problem with this 部分
private function processForm(PageInterface $page, array $parameters, $method = "PUT")
{
$form = $this->formFactory->create(new PageType(), $page, array('method' => $method));
$form->submit($parameters, 'PATCH' !== $method);
if ($form->isValid()) { //form is not valid.
$page = $form->getData();
$this->om->persist($page);
$this->om->flush($page);
return $page;
}
throw new InvalidFormException('Invalid submitted data', $form);
}
ERROR: The CSRF token is invalid. Please try to resubmit the form.
Here 是教程中的控制器。这是我的 class 控制器:
public function newAction(Request $request)
{
$form = new EntryType();
$newEntry = $this->container->get('entries.entry.handler')->post(
$request->request->get($form->getName())
);
return View::create()
->setStatusCode(200)
->setFormat('json')
->setSerializationContext(SerializationContext::create()->setGroups(array('list')))
->setData($newEntry);
}
我应该跳过检查 isValid() 还是以某种方式解决这个问题?怎么样?
OK,现在清楚了。应禁用 CRF 验证 (csrf_protection)
CSRF token is invalid when calling rest post api from php Client
https://github.com/liuggio/symfony2-rest-api-the-best-2013-way/issues/1#issuecomment-31435232
CSRF validation needed or not when using RESTful API?
我正在尝试实现 FOSRestBundle 和 Symfony 表单。 我找到了这个 tutorial but I have problem with this 部分
private function processForm(PageInterface $page, array $parameters, $method = "PUT")
{
$form = $this->formFactory->create(new PageType(), $page, array('method' => $method));
$form->submit($parameters, 'PATCH' !== $method);
if ($form->isValid()) { //form is not valid.
$page = $form->getData();
$this->om->persist($page);
$this->om->flush($page);
return $page;
}
throw new InvalidFormException('Invalid submitted data', $form);
}
ERROR: The CSRF token is invalid. Please try to resubmit the form.
Here 是教程中的控制器。这是我的 class 控制器:
public function newAction(Request $request)
{
$form = new EntryType();
$newEntry = $this->container->get('entries.entry.handler')->post(
$request->request->get($form->getName())
);
return View::create()
->setStatusCode(200)
->setFormat('json')
->setSerializationContext(SerializationContext::create()->setGroups(array('list')))
->setData($newEntry);
}
我应该跳过检查 isValid() 还是以某种方式解决这个问题?怎么样?
OK,现在清楚了。应禁用 CRF 验证 (csrf_protection)
CSRF token is invalid when calling rest post api from php Client https://github.com/liuggio/symfony2-rest-api-the-best-2013-way/issues/1#issuecomment-31435232 CSRF validation needed or not when using RESTful API?