Symfony3 中的错误 "The CSRF token is invalid. Please try to resubmit the form"
Error "The CSRF token is invalid. Please try to resubmit the form" in Symfony3
问题
FOS 用户捆绑表单(登录、注册等)工作正常,但不是我自己的表单,给我:
The CSRF token is invalid. Please try to resubmit the form
当我尝试在下面创建资源时:
http://www.project.local/app_dev.php/developer/new
甚至:
http://www.project.local/developer/new
环境
- OS X EL Capitan 64 位
- 网络服务器:
- 服务器:Apache 2.4.16
- 服务器 API:Apache 2.0 处理程序 (mod_php7)
- 线程安全:禁用
- 文档根目录:
/Library/WebServer/Documents/project/web
- PHP:
7.1.2
- Symfony:
3.2.*
- 代码库生成使用
- FOS 用户包:
~2.0@dev
- KNP 菜单包:
^2.0
app/config/config.yml
framework:
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
trusted_hosts: ~
trusted_proxies: ~
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"
form_themes:
- 'form/form_div_layout.html.twig'
app/config/security.yml
security:
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
开发者控制器
public function newAction(Request $request)
{
$developer = new Developer();
$form = $this->createForm(DeveloperType::class, $developer);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$em = $this->getDoctrine()->getManager();
$em->persist($developer);
$em->flush($developer);
return $this->redirectToRoute('developer_show', array('id' => $developer->getId()));
}
return $this->render('BackendBundle:Developer:new.html.twig', array(
'developer' => $developer,
'form' => $form->createView(),
));
}
开发者类型
class DeveloperType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options) {
$builder->add('user');
}
public function configureOptions(OptionsResolver $resolver) {
$resolver->setDefaults(array(
'data_class' => Developer::class
));
}
public function getBlockPrefix() {
return 'backendbundle_developer';
}
}
表单 - 模板
{{ form_start(form) }}
{{ form_widget(form) }}
<button type="submit" name="{{ form.vars.name }}">Create</button>
{{ form_end(form) }}
表单 - 已生成
表单始终具有隐藏的 _token 输入字段 存在。
<form name="form_name" method="post" class="ui form">
<input type="hidden" name="form_name[_token]" value="YefVvhSvvNTItjw7ayDFwFi4sdf_6oOvsQjnUu9X7cw">
<button type="submit" name="form_name">Create</button>
</form>
(form_name 等于 backendbundle_developer)
我做了什么?
在 Google 上搜索了几个小时,并阅读了 Stack Overflow 上的所有类似问题,包括上述内容
重新检查文件系统权限
httpd 进程在 _www 用户下 运行,因此:
sudo chown -R _www var/
sudo chmod -R 775 var/
在var/sessions/下成功创建和更新会话文件
已更改 app/config/config.yml 条目
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
至
session:
handler_id: session.handler.native_file
save_path: ~
完全没有成功。
类似问题
这不是这些类似问题的重复:
symfony2 CSRF invalid
The CSRF token is invalid. Please try to resubmit the form
Symfony2: The CSRF token is invalid. Please try to resubmit the form
Symfony2 The CSRF token is invalid. Please try to resubmit the form
“The CSRF token is invalid” error in symfony 2 even using form_rest(form) function
Symfony isValid False CSRF token is invalid
Symfony 2. CSRF token is invalid
你应该改变这个
<button type="submit" name="form_name">Create</button>
有了这个
<button type="submit" name="form_name[submit]">Create</button>
问题
FOS 用户捆绑表单(登录、注册等)工作正常,但不是我自己的表单,给我:
The CSRF token is invalid. Please try to resubmit the form
当我尝试在下面创建资源时:
http://www.project.local/app_dev.php/developer/new
甚至:
http://www.project.local/developer/new
环境
- OS X EL Capitan 64 位
- 网络服务器:
- 服务器:Apache 2.4.16
- 服务器 API:Apache 2.0 处理程序 (mod_php7)
- 线程安全:禁用
- 文档根目录:
/Library/WebServer/Documents/project/web - PHP:
7.1.2
- Symfony:
3.2.* - 代码库生成使用
- FOS 用户包:
~2.0@dev - KNP 菜单包:
^2.0
app/config/config.yml
framework:
secret: "%secret%"
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
#serializer: { enable_annotations: true }
templating:
engines: ['twig']
trusted_hosts: ~
trusted_proxies: ~
session:
handler_id: session.handler.native_file
save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: "%kernel.debug%"
strict_variables: "%kernel.debug%"
form_themes:
- 'form/form_div_layout.html.twig'
app/config/security.yml
security:
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
开发者控制器
public function newAction(Request $request)
{
$developer = new Developer();
$form = $this->createForm(DeveloperType::class, $developer);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$em = $this->getDoctrine()->getManager();
$em->persist($developer);
$em->flush($developer);
return $this->redirectToRoute('developer_show', array('id' => $developer->getId()));
}
return $this->render('BackendBundle:Developer:new.html.twig', array(
'developer' => $developer,
'form' => $form->createView(),
));
}
开发者类型
class DeveloperType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options) {
$builder->add('user');
}
public function configureOptions(OptionsResolver $resolver) {
$resolver->setDefaults(array(
'data_class' => Developer::class
));
}
public function getBlockPrefix() {
return 'backendbundle_developer';
}
}
表单 - 模板
{{ form_start(form) }}
{{ form_widget(form) }}
<button type="submit" name="{{ form.vars.name }}">Create</button>
{{ form_end(form) }}
表单 - 已生成
表单始终具有隐藏的 _token 输入字段 存在。
<form name="form_name" method="post" class="ui form">
<input type="hidden" name="form_name[_token]" value="YefVvhSvvNTItjw7ayDFwFi4sdf_6oOvsQjnUu9X7cw">
<button type="submit" name="form_name">Create</button>
</form>
(form_name 等于 backendbundle_developer)
我做了什么?
在 Google 上搜索了几个小时,并阅读了 Stack Overflow 上的所有类似问题,包括上述内容
重新检查文件系统权限
httpd进程在_www用户下 运行,因此:sudo chown -R _www var/ sudo chmod -R 775 var/在
var/sessions/下成功创建和更新会话文件已更改
app/config/config.yml条目session: handler_id: session.handler.native_file save_path: "%kernel.root_dir%/../var/sessions/%kernel.environment%"至
session: handler_id: session.handler.native_file save_path: ~
完全没有成功。
类似问题
这不是这些类似问题的重复:
symfony2 CSRF invalid
The CSRF token is invalid. Please try to resubmit the form
Symfony2: The CSRF token is invalid. Please try to resubmit the form
Symfony2 The CSRF token is invalid. Please try to resubmit the form
“The CSRF token is invalid” error in symfony 2 even using form_rest(form) function
Symfony isValid False CSRF token is invalid
Symfony 2. CSRF token is invalid
你应该改变这个
<button type="submit" name="form_name">Create</button>
有了这个
<button type="submit" name="form_name[submit]">Create</button>