Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/javascript/471.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/node.js/37.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Javascript 无法使用ExpressJS和CSRF发布_Javascript_Node.js_Express_Post_Csrf - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • Javascript 无法使用ExpressJS和CSRF发布

Javascript 无法使用ExpressJS和CSRF发布

javascript node.js express post

Javascript 无法使用ExpressJS和CSRF发布,javascript,node.js,express,post,csrf,Javascript,Node.js,Express,Post,Csrf,我是node.js和express的新手,我试图用令牌保护一些url。我正确生成了令牌,但当我使用此令牌发布表单时,我的浏览器中出现了一个错误,文本为“Cannot post/process”,其中/process是我从表单发送数据的url。在我的控制台中,我没有任何错误。所以,我不知道发生了什么或我做错了什么:( 代码分为三个文件,主文件名为(index.js),其中我需要第二个文件(routes api.js)和表单中的html文件 index.js //Creación de un ser

我是node.js和express的新手,我试图用令牌保护一些url。我正确生成了令牌,但当我使用此令牌发布表单时,我的浏览器中出现了一个错误,文本为“Cannot post/process”,其中/process是我从表单发送数据的url。在我的控制台中,我没有任何错误。所以,我不知道发生了什么或我做错了什么:(

代码分为三个文件,主文件名为(index.js),其中我需要第二个文件(routes api.js)和表单中的html文件

index.js

//Creación de un servidor con express
const express = require("express");
const app = express();  //Inicializamos express

//Accedemos a otros módulos
const morgan = require("morgan");
const bodyParser = require("body-parser");
const jwt = require("jsonwebtoken");
const cookieParser = require('cookie-parser');

//Accedemos a propiedades de configuración
const config = require("./config");

//Rutas
const routes = require("./routes");
const routesAPI = require("./routes-api");

//Settings
app.set("app-name", config.server);
app.set("port", config.port);
app.set("super-secret", config.secret);

//Middlewares
// use body parser so we can get info from POST and/or URL parameters
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(morgan("dev")); //Log request to the console
app.use(cookieParser());

app.use((req, res, next) => {
    console.log("Pasamos por la segunda función!!!");
    next();
});

//Routing
app.use("/api", routesAPI);
app.use(routes);

//Server
app.listen(app.get("port"), () => {
    console.log("Servidor " +  app.get("app-name") + " escuchando!!!");
});   //Creamos el servidor con express

const csrf = require('csurf');
const path = require("path");
const bodyParser = require("body-parser");
const express = require("express");
const router = express.Router();

// setup route middlewares
var csrfProtection = csrf({ cookie: true });
var parseForm = bodyParser.urlencoded({ extended: false });

router.get("/", csrfProtection, (req, res) => {
    console.log("crsf: " + req.csrfToken());
    res.sendFile(path.join(__dirname + '/send.html'), { csrfToken: req.csrfToken() });    
});

router.post('/process', parseForm, csrfProtection, function(req, res) {
    console.log("csrf: " + req.body._csrf + " color: " + req.body.favoriteColor);
    res.send('data is being processed');
});

module.exports = router;
路由api.js

//Creación de un servidor con express
const express = require("express");
const app = express();  //Inicializamos express

//Accedemos a otros módulos
const morgan = require("morgan");
const bodyParser = require("body-parser");
const jwt = require("jsonwebtoken");
const cookieParser = require('cookie-parser');

//Accedemos a propiedades de configuración
const config = require("./config");

//Rutas
const routes = require("./routes");
const routesAPI = require("./routes-api");

//Settings
app.set("app-name", config.server);
app.set("port", config.port);
app.set("super-secret", config.secret);

//Middlewares
// use body parser so we can get info from POST and/or URL parameters
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(morgan("dev")); //Log request to the console
app.use(cookieParser());

app.use((req, res, next) => {
    console.log("Pasamos por la segunda función!!!");
    next();
});

//Routing
app.use("/api", routesAPI);
app.use(routes);

//Server
app.listen(app.get("port"), () => {
    console.log("Servidor " +  app.get("app-name") + " escuchando!!!");
});   //Creamos el servidor con express

const csrf = require('csurf');
const path = require("path");
const bodyParser = require("body-parser");
const express = require("express");
const router = express.Router();

// setup route middlewares
var csrfProtection = csrf({ cookie: true });
var parseForm = bodyParser.urlencoded({ extended: false });

router.get("/", csrfProtection, (req, res) => {
    console.log("crsf: " + req.csrfToken());
    res.sendFile(path.join(__dirname + '/send.html'), { csrfToken: req.csrfToken() });    
});

router.post('/process', parseForm, csrfProtection, function(req, res) {
    console.log("csrf: " + req.body._csrf + " color: " + req.body.favoriteColor);
    res.send('data is being processed');
});

module.exports = router;
send.html

<form action="/process" method="POST">
    <input type="text" name="_csrf" value="{{csrfToken}}">

    Favorite color: <input type="text" name="favoriteColor">
    <button type="submit">Submit</button>
</form>


最喜欢的颜色:
提交
当我将表单发送到服务器时,出现错误“无法发布/处理”是我做错了什么?

我不是express用户,但URL不应该是/api/process?在表单操作中?OMG!!!真是个错误!!!非常感谢@akaphenom!!!