加载CSRF令牌上轨与AJAX令牌、加载、CSRF、AJAX
我决定只用单一的页面加载来实现我的Rails的网站,并通过AJAX做的一切。问题是,是无效的,一旦使用它在元产生的CSRF令牌提交注册或登入资讯形式。我怎样才能更新无需重新加载页面?
I've decided to implement my Rails site with only a single page load, and do everything else via AJAX. The problem is that the CSRF token which is generated in meta is invalidated once used to submit a signup or signin form. How can I update it without reloading the page?
推荐答案
您可以在您的Ajax调用的PUT,POST方法使用beforeSend如下图所示。
$阿贾克斯({
键入:POST,
beforeSend:功能(XHR){xhr.setRequestHeader(X-CSRF令牌',$('元[NAME =CSRF令牌])ATTR(内容))},
网址:您的网址,
数据:数据
});
You can use beforeSend like below in your ajax call for put, post methods.
$.ajax({
type: 'POST',
beforeSend: function(xhr) {xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content'))},
url: your url,
data: data
});
