Disable Yii2 CSRF on specific actions
来源:互联网 发布:淘宝视频直播怎么弄 编辑:程序博客网 时间:2024/06/06 17:04
转载地址:https://sammaye.wordpress.com/2014/06/09/disable-yii2-csrf-on-specific-actions/
Disable Yii2 CSRF on specific actions
I needed to disable the Yii2 CSRF on specific actions recently, mainly due to the action being called from an external source.
What I did was extend the Request object like so:
<?php namespace common\components; use Yii; class Request extends \yii\web\Request{ public $noCsrfRoutes = []; public function validateCsrfToken() { if( $this->enableCsrfValidation && in_array(Yii::$app->getUrlManager()->parseRequest($this)[0], $this->noCsrfRoutes) ){ return true; } return parent::validateCsrfToken(); }
and then added the request component to my config like so:
'request' => [ 'class' => 'common\components\Request', 'noCsrfRoutes' => [ 'order/calculate-ns-shipping' ]],
And that works.
0 0
- Disable Yii2 CSRF on specific actions
- yii2 csrf
- yii2:csrf
- yii2 - 增加actions
- Yii2 GridView 修改actions
- yii2之CSRF验证
- 【Yii2】yii2学习之CSRF验证
- yii2学习之CSRF验证
- yii2学习之CSRF验证
- yii2.0的csrf问题
- Why disable specific warning not working in Visual Studio
- Yii2 关闭和打开csrf 验证
- Yii2.0防御csrf攻击方法
- yii2.0源码实现csrf验证
- yii2 csrf可能会出现的问题
- yii2利用csrf防止表单重复提交
- yii2框架-yii2的防御csrf攻击机制(十六)
- yii2框架-yii2局部关闭(开启)csrf的验证(十七)
- 图层动画
- redis主从复制配置
- 用ADT的FileExplorer查看android手机中的数据库
- 网络获取图片
- 数字广告领域的若干专业词汇汇总
- Disable Yii2 CSRF on specific actions
- Jenkins 配置
- zmq安装与使用
- linux命令之cat
- yii 2.0 写入日志
- jquery ajax post 方法传送object 的list 数据给后台
- 从Yii2的Request看其CSRF防范策略
- 八数码问题
- 分析并统计一个文本文件中各个词出现的频率