javascript - Invalid CSRF Token using Ajax -

-

i using purely javascript access web services built spring. when tried use ajax post call 1 of services encountered issue csrf.

the ajax call lines of:

var data = {'attribute1':'1','attribute2':'2'};  $.ajax({     type: "post",     url: url,     data: data,     success: function(data)     {            if (typeof inputid !== 'undefined') {             $("#"+inputid).val(json.stringify(data));         }         console.log(json.stringify(data));         }   });

i have been searching web, found update backend (jsp, php) populate attribute "${_csrf.parametername}" in form. however, not using backend, page html , javascript only.

csrf_token cookie sent down , stored in browser web framework/server. typically when posting via ajax call you're doing... need send csrf_token value part of json data. that... need use javascript find cookie name , obtain value. need assign value right variable name server expecting see. instance,

var data = { crsf_token_name_server_expects: csrf_token_value_i_obtained };

the csrf_token used ensure people communicating api accessed site , created valid session before trying post data it. user on google.com cannot post stackoverflow.com unless stackoverflow.com set's called cors header allows communication between google.com , stackoverflow.com go through.

based on question... said you're posting backend api powered java spring. api expects csrf_token sounds it's api supposed used domain name service setup. instance, user goes google.com , makes post www.google.com/url_to_post_to/. google ensure csrf_token sent request... not want people randomly accessing api url... without having valid google session.


Comments

Post a Comment

Popular posts from this blog

ios - MKAnnotationView layer is not of expected type: MKLayer -

-
Image
so code works fine logger riddled message. there way rid of or suppress it? postannotation.swift class postannotation: mkpointannotation { //mark: properties let post: post //mark: initialization init(post: post) { self.post = post super.init() self.coordinate = cllocationcoordinate2d(latitude: post.latitude, longitude: post.longitude) self.title = post.title self.subtitle = post.timestring() } } adding annotation let annotation = postannotation(post: post) self.map.addannotation(annotation) func mapview func mapview(_ mapview: mkmapview, viewfor annotation: mkannotation) -> mkannotationview? { if annotation mkuserlocation { return nil } var annotationview = mapview.dequeuereusableannotationview(withidentifier: "pin") as? mkpinannotationview if annotationview == nil { annotationview = mkpinannotationview(annotation: annotation, reuseidentifier: "pin")
Read more

ZeroMQ on Windows, with Qt Creator -

-
i have installed zmq link given below on windows 7. http://zeromq.org/distro:microsoft-windows 1) have c++ project in qt-creator , i'm using zmq c++ binding (zhelpers.hpp etc). 2) have added .lib installed zmq folder qtcreator 3) while compiling, compiler looks _imp__zmq_verion, in .dll files present in .lib have __imp_zmq_version. 4) causing undefined reference zmq_version. anyone else faced problem , has solution ?
Read more

unity3d - Unity SceneManager.LoadScene quits application -

-
i have 2 different scenes 1 named 'main' , other 'game' both added scenes in load. when use scenemanager.loadscene("game"); works no problem when tried return main scene code if (input.getkeydown (keycode.escape)) { scenemanager.loadscene("main"); } strangely game quits. thanks. sorry interruption. somewhere on other script found code. if (input.getkeydown (keycode.escape)) { application.quit (); } that's bad, know...
Read more