2

我正在使用 luiminus 学习 clojure,并且我正在尝试按照示例解析参数。通过使用 curl 我正在发送要打印的用户名和密码,调用 foo 在以下路线中。但是,我收到“无效的防伪令牌错误”。我一直在寻找解决方案,但找不到任何解决方案。请注意,我也在使用 wrap 中间件行。有什么建议么?

curl --header "Content-Type: application/json" --request POST --data '{"username":"xyz","password":"xyz"}' 'localhost:3000/foo/bar?foo=bar'

主页.clj:

(ns wkom.routes.home
  (:require
   [wkom.layout :as layout]
   [wkom.db.core :as db]
   [clojure.java.io :as io]
   [wkom.middleware :as middleware]
   [ring.util.response]
   [ring.util.http-response :as response]))

(defn home-page [request]
  (layout/render request "home.html" {:docs (-> "docs/docs.md" io/resource slurp)}))

(defn about-page [request]
  (layout/render request "about.html"))

(defn bootstrap [request]
  (layout/render request "bootstrap.html"))

(defn form [request]
  (layout/render request "form.html"))

(defn foo2 [{:keys [path-params query-params body-params]}]
  (print "from foo2\n")
  {:status 200 :body (str "path params: " path-params "\nquery params: " query-params "\nbody params: " body-params)})

(defn home-routes []
  [ "" 
   {:middleware [middleware/wrap-csrf
                 middleware/wrap-formats]}
   ["/foo/:bar" {:post (fn [{:keys [path-params query-params body-params]}]
                {:status 200 :body   (str "path params: " path-params
                                      "\nquery params: " query-params
                                      "\nbody params: " body-params)})}]
   ["/" {:get home-page}]
   ["/about" {:get about-page}]
   ["/bootstrap" {:get bootstrap}]
   ["/form" {:get form
             :post foo2}]
   ["/foo2/:bar" {:post foo2}]])
4

2 回答 2

0

默认项目的 home.html 设置令牌并且可以从 cljs 访问为js/csrfToken. 它应该包含在发布请求中作为:x-csrf-token.

除非您使用其他防伪方法,否则不建议将中间件注释掉。

于 2022-01-08T02:22:19.030 回答
0

所以解决方案只是注释掉

middleware/wrap-csrf
于 2021-08-01T21:32:28.537 回答