VerifyCsrfToken.php第67行中的TokenMismatchException - 如何禁用中间件并将其设置为默认值

时间:2016-07-13 17:43:32

标签: laravel csrf laravel-middleware

我正在通过视频学习Laravel。我只用一个文本框和一个提交按钮创建了一个视图。单击提交按钮后,我在VerifyCsrfToken.php第67行中出现TokenMismatchException错误。

TokenMismatchException in VerifyCsrfToken.php line 67:

C:\xampp\htdocs\laravel_tut\vendor\laravel\framework\src\Illuminate\Foundation\Http\Middleware\VerifyCsrfToken.php line 67:
in VerifyCsrfToken.php line 67
at VerifyCsrfToken->handle(object(Request), object(Closure))
at call_user_func_array(array(object(VerifyCsrfToken), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in ShareErrorsFromSession.php line 49
at ShareErrorsFromSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(ShareErrorsFromSession), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in StartSession.php line 62
at StartSession->handle(object(Request), object(Closure))
at call_user_func_array(array(object(StartSession), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in AddQueuedCookiesToResponse.php line 37
at AddQueuedCookiesToResponse->handle(object(Request), object(Closure))
at call_user_func_array(array(object(AddQueuedCookiesToResponse), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in EncryptCookies.php line 59
at EncryptCookies->handle(object(Request), object(Closure))
at call_user_func_array(array(object(EncryptCookies), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103
at Pipeline->then(object(Closure)) in Router.php line 726
at Router->runRouteWithinStack(object(Route), object(Request)) in Router.php line 699
at Router->dispatchToRoute(object(Request)) in Router.php line 675
at Router->dispatch(object(Request)) in Kernel.php line 246
at Kernel->Illuminate\Foundation\Http\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 52
at Pipeline->Illuminate\Routing\{closure}(object(Request)) in CheckForMaintenanceMode.php line 44
at CheckForMaintenanceMode->handle(object(Request), object(Closure))
at call_user_func_array(array(object(CheckForMaintenanceMode), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Illuminate\Routing\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 103
at Pipeline->then(object(Closure)) in Kernel.php line 132
at Kernel->sendRequestThroughRouter(object(Request)) in Kernel.php line 99
at Kernel->handle(object(Request)) in index.php line 54

我有PostsController:

//PostsController
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

use App\Http\Requests;

class PostsController extends Controller
{
    ...

    public function create()
    {
        //
        return view('posts.create');
    }

    public function store(Request $request)
    {
        //
        return $request->all();
    }
    ...
}

routes.php文件:

Route::resource('/posts', 'PostsController');
Route::group(['middleware'=>['web']],function(){

});

create.blade.php:

@extends('layouts.app')

@section('content')

<form method="post" action="/posts">
    <input type="text" name="title" placeholder="Enter title">
    <input type="submit" name="submit">
</form>

我用谷歌搜索,大多数解决方案建议添加:

< meta name="csrf-token" content="{{ csrf_token() }}" />

但是我没有看到导师添加这一行。我注意到在他的路线:列表中,他的中间件列的值是空的,而我的是'web'

$ php artisan route:list
+--------+-----------+--------------------+---------------+----------------------------------------------+------------+
| Domain | Method    | URI                | Name          | Action                                       | Middleware |
+--------+-----------+--------------------+---------------+----------------------------------------------+------------+
|        | GET|HEAD  | insert             |               | Closure                                      | web        |
|        | POST      | posts              | posts.store   | App\Http\Controllers\PostsController@store   | web        |
|        | GET|HEAD  | posts              | posts.index   | App\Http\Controllers\PostsController@index   | web        |
|        | GET|HEAD  | posts/create       | posts.create  | App\Http\Controllers\PostsController@create  | web        |
|        | DELETE    | posts/{posts}      | posts.destroy | App\Http\Controllers\PostsController@destroy | web        |
|        | PUT|PATCH | posts/{posts}      | posts.update  | App\Http\Controllers\PostsController@update  | web        |
|        | GET|HEAD  | posts/{posts}      | posts.show    | App\Http\Controllers\PostsController@show    | web        |
|        | GET|HEAD  | posts/{posts}/edit | posts.edit    | App\Http\Controllers\PostsController@edit    | web        |
+--------+-----------+--------------------+---------------+----------------------------------------------+------------+

我认为如果我可以禁用此中间件,问题就会解决。但是,我也没有看到导师在他的任何项目中执行禁用步骤,所以我认为他默认设置它,所以中间件总是在任何项目中被禁用。我是否正在考虑修复此VerifyCsrfToken错误的正确方法?如果是这样,我如何禁用中间件并将其设置为其他项目的默认值?我正在使用Laravel 5.2.39和NetBeans IDE。

这是导师的路线:列表

tutor's route:list

3 个答案:

答案 0 :(得分:1)

谢天谢地,这很简单。

使用jQuery和Meta标签,您可以确保所有表单始终获得正确的标记:

$('form').each(function(i, form){
    var $form = $(form);

    if (! $form.find('input[name="_token"]').length) {
        $('form').prepend('<input type="hidden" name="_token" value="'+ $('meta[name="csrf-token"]').prop('content') +'"/>');
    }
});

或者您可以手动执行以下两种方式之一,您可以在下面看到:

<form method="post" action="/posts">
    <!-- pick one of these 2 -->
    {!! csrf_field() !!}
    <input type="text" name="_token" value="{{ csrf_token() }}"/>

    <input type="text" name="title" placeholder="Enter title">
    <input type="submit" name="submit">
</form>

答案 1 :(得分:0)

如果你想禁用Route :: group(['middleware'=&gt; ['web']]的路由的“web”中间件,你可以这样做:

file:app / Providers / RouteServiceProvider.php

删除此内容:'middleware'=&gt; '网页',

enter image description here

答案 2 :(得分:0)

您必须将CSRF保护字段添加到表单中:

// Blade Template Syntax
{{ csrf_field() }}

此处有更多详情: https://laravel.com/docs/5.2/routing#csrf-protection

相关问题
最新问题