0

我正在使用 Tower.js 0.4.2-20。

我发送了 HTML FORM 标签的 GET 和 POST 请求。
'GET' 请求是没有问题的响应。但“POST”请求是返回以下错误。

我缺少路由器设置?

路线.咖啡:

Tower.Route.draw ->
  @resources 'service'
  @match '/service/add', to: 'service#add', via: 'post'

服务控制器.coffee:

class ServiceController extends App.ApplicationController
  index: ->
    @render text: "GET"
  create: ->
    @render text: "POST"
  add: ->
    @render text: "ADD"

索引.html:

<form method='POST' action='service/add'>
    <div><input type='submit' value='Add'></div>
</form>

错误 :

Error: Forbidden
at Object.exports.error (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/utils.js:44:13)
at Object.module.exports [as handle] (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/csrf.js:54:41)
at next (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/proto.js:190:15)
at multipart (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/multipart.js:57:27)
at module.exports (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/bodyParser.js:57:9)
at IncomingMessage.module.exports (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/urlencoded.js:68:11)
at IncomingMessage.EventEmitter.emit (events.js:115:20)
at Object.resume (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/node_modules/pause/index.js:25:18)
at store.get.next (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/session.js:311:15)
at /var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/session.js:333:9
4

1 回答 1

6

第一个猜测:您的表单的相对 URL 是问题所在。将您formaction属性更改为/service/add,看看是否有帮助。您收到的 403 禁止错误可能意味着 POST 请求将转到您期望的不同 URL 路径。例如,如果您的表单位于,则由于相对 url /pages/service,表单将提交到。/pages/service/service/add

第二个猜测:啊。知道了。

at Object.module.exports [as handle] (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/csrf.js:54:41)

crsf模块可能正在检查您的表单中的跨站点请求伪造令牌,该令牌将采用<input type="hidden" name="crsf_token" value="YOUR_CRSF_TOKEN">标签(或类似的东西)的形式。阅读您正在使用的 CRSF 中间件上的文档,了解如何创建正确的<form>标记 HTML,包括 CRSF 令牌。

于 2012-11-22T05:06:31.287 回答