我認爲用了jQuery POST數據發送到我的控制器,但它的失敗,我得到以下錯誤,當安全問題工作是通過一起去除該控制器中的安全性。發送POST請求王氏CakePHP的
這裏的控制器有問題的前過濾器
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('help','submit_bank_info');
$this->Auth->authorize = 'Controller';
}
如果看到這個蛋糕上的文檔
When using the Security Component you must use the FormHelper to create your forms. In addition, you must not override any of the fields’ 「name」 attributes. The Security Component looks for certain indicators that are created and managed by the FormHelper (especially those created in create() and end()). Dynamically altering the fields that are submitted in a POST request (e.g. disabling, deleting or creating new fields via JavaScript) is likely to trigger a black-holing of the request. See the $validatePost or $disabledFields configuration parameters.
我使用的版本2.3.8。有什麼方法可以禁用該操作,以便我可以爲其他操作保留安全組件?
確實/設置/幫助或確實/幫助工作? – Adder
是的,但那些不是基於javascript/jquery的表單。他們是用表單助手構建的。出於幾個原因,我不得不使用javascript/jquery作爲「submit_bank_info」。我正在使用平衡付款卡處理。 – user1406951