当我在使用Compojure模板创建的Clojure Webapp项目中尝试使用POST方法时,我得到一个“ Invalid anti-forgery token ” .
我研究过,Ring中间件创建了CSRF(跨站点请求表单)令牌,用于来自其他站点的经过身份验证的请求(使用已登录的其他人的凭据并访问不允许访问的页面) .
这些令牌是默认的,我们需要使用ring.middleware 's wrap-params around our WebApp. Couldn' t得到任何地方 . 请帮忙 !!如何摆脱 Invalid anti-forgery token .
我的handler.clj文件是:
(ns jsonparser-webapp.handler
(:require [compojure.core :refer :all]
[compojure.route :as route]
[jsonparser-webapp.views :as views])
(:use [ring.middleware.params :only [wrap-params]])
(defroutes app-routes
(GET "/"
[]
(views/home-page))
(GET "/goto"
[]
(views/goto))
(POST "/posted"
{params :params}
(views/posted params))
(route/not-found "Not Found"))
(def app
(wrap-params app-routes site-defaults))
我的views.clj文件是
(ns jsonparser-webapp.views
(:require [hiccup.page :as hic-p]
[hiccup.form :as hf]))
(defn gen-page-head
[title]
[:head
[:title title]])
(defn home-page
[]
(hic-p/html5
(gen-page-head "Json Parser Home.")
[:h1 "Welcome."]
[:p "Json Web App."]
[:a {:href "http://localhost:3000/goto"} "Goto"]
[:p (hf/form {:action "/posted" :method "POST"}
(hf/text-field "TextInput")
(hf/submit-button "Submit"))]))
(defn goto
[]
(hic-p/html5
(gen-page-head "Goto Page.")
[:h1 "Hi."]
[:p "Go where?"]))
(defn posted
[{:keys [x]}]
(hic-p/html5
(gen-page-head "Posted.")
[:h1 "You posted."]
[:p x]))
在Eclipse CounterClockwise中使用Clojure的Compojure模板创建的项目 .
1 回答
您必须将
(anti-forgery-field)
添加到表单中,以便将防伪标记注入POST参数 .像这样: