1. 首頁
  2. 問答
  3. Laravel 5.2禁用csrf_token

Laravel 5.2禁用csrf_token

2016-10-04 48 views
1

如何禁用CsrfToken僅用於此路由?當我使用網絡中間件不起作用時,當我使用這種方式不起作用。請幫助 這是我的路由器:Laravel 5.2禁用csrf_token

Route::post('payment_check/{order_id}', ['as' => 'payment', 'uses' => 'users\[email protected]_check']);

,這裏是我的verifycsrftoken.php

protected $except = [ 
    'payment' 
];

和Kernel.php

protected $middleware = [ 
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, 
]; 

/** 
* The application's route middleware groups. 
* 
* @var array 
*/ 
protected $middlewareGroups = [ 
    'web' => [ 
     \App\Http\Middleware\EncryptCookies::class, 
     \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 
     \Illuminate\Session\Middleware\StartSession::class, 
     \Illuminate\View\Middleware\ShareErrorsFromSession::class, 
     \App\Http\Middleware\VerifyCsrfToken::class, 
    ], 
    'api' => [ 
     'throttle:60,1', 
    ], 
]; 

/** 
* The application's route middleware. 
* 
* These middleware may be assigned to groups or used individually. 
* 
* @var array 
*/ 
protected $routeMiddleware = [ 
    'auth' => \App\Http\Middleware\Authenticate::class, 
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 
    'can' => \Illuminate\Foundation\Http\Middleware\Authorize::class, 
    'userAccess' => \App\Http\Middleware\userAccessMiddleWare::class, 
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 
];

來源

2016-10-04 Morteza Negahi

+0

csrf是防止跨站點請求僞造,禁用它是一件壞事! – lewis4u

回答

3

應該

protected $except = [ 
    'payment_check/*' 
];

在你的verifycsrftoken.p中hp

來源

2016-10-04 10:01:00

+0

定義路線除外,因爲@Mahfuzul提到它將跳過所有在payment_check路線下的csrf。 – iSensical

相關問題

 相關問題