最近在学习laraveel入门,学到了上传和下载这个部分,因为还没有学到控制器和视图,所以就用postman模拟提交表单,上传了一个小文件。
但是用postman提交表单上传文件的时候,出现 了419错误,这个是因为csrf的限制。解决方案百度之后的结果大概有3个
第一个做法是注释中间件:
app\Http\Kernel.php
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
//注释掉下面这一行
// \App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
第二个做法就是 设置白名单
app\Http\Middleware\VerifyCsrfToken.php
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
//在这里设置 *
'*'
];
}
这2个步骤的确可以实现功能,但是这2个做法都比较极端,于是尝试了针对某个控制器的某个方法设置白名单,写法如下
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
//在这里设置 *
// '*'
'index@index',
'index/index',
'www.blog.com/scc'
];
}
尝试了三个写法 都不对,用postman上传文件还是419错误,后来研究到了真正的解决方法。
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
#这个才是根正苗红的写法。
'scc'
];
}
scc是路由标识。
如下
#路由规则
Route::any('scc', 'index@scc');
#控制器的方法
function scc(Request $request){
// echo csrf_token();
$name = $request->file('filename');
echo '<pre>';
print_r($name->path());
echo '</pre>';
echo '<hr>';
die;
}
、