如何为Laravel 4中的某个url禁用csrf令牌
标题中的问题是:如何仅对Laravel4中的某些url禁用CSRF令牌如何为Laravel 4中的某个url禁用csrf令牌,laravel,token,csrf,Laravel,Token,Csrf,标题中的问题是:如何仅对Laravel4中的某些url禁用CSRF令牌 我知道在Laravel 5中,除了中间件,变量$很容易使用,但在Laravel 4中,我找不到解决方案…一种方法是扩展VerifyCsrfToken,并在其中包含一个无csrf URL的数组: <?php namespace App\Http\Middleware; use Closure; use Illuminate\Session\TokenMismatchException; class VerifyCsr
我知道在Laravel 5中,除了中间件,变量$很容易使用,但在Laravel 4中,我找不到解决方案…一种方法是扩展VerifyCsrfToken,并在其中包含一个无csrf URL的数组:
<?php namespace App\Http\Middleware;
use Closure;
use Illuminate\Session\TokenMismatchException;
class VerifyCsrfToken extends \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken {
protected $except_urls = [
'contact/create',
'contact/update',
...
];
public function handle($request, Closure $next)
{
$regex = '#' . implode('|', $this->except_urls) . '#';
if ($this->isReading($request) || $this->tokensMatch($request) || preg_match($regex, $request->path()))
{
return $this->addCookieToResponse($request, $next($request));
}
throw new TokenMismatchException;
}
}
您可以在那里找到更多详细信息:
您可以通过修改VerifyCrsfToken.php类和提供$openRoutes来实现这一点,是的,在涉及基类时您将玩火。:)
protected $middleware = [
...
'App\Http\Middleware\VerifyCsrfToken',
];
//app/Http/Middleware/VerifyCsrfToken.php
//add an array of Routes to skip CSRF check
private $openRoutes = ['free/route', 'free/too'];
//modify this function
public function handle($request, Closure $next)
{
//add this condition
foreach($this->openRoutes as $route) {
if ($request->is($route)) {
return $next($request);
}
}
return parent::handle($request, $next);
}