jquery post方法不工作(403 -禁止)

jquery post method doesn't work (403 - Forbidden)

本文关键字:禁止 工作 post 方法 jquery      更新时间:2023-09-26

$.get()在我的代码中工作,但$.post()没有。用同样的代码…当我使用$.post()时,我的代码无法到达控制器。我使用MVC(Sails.js)。我几乎阅读了所有的问题和文件。但我找不到任何理由。

html 

<div id="login-form-panel" class="form-login">   
    <form id="login-form" role="form">
        <legend><h1>Login in..</h1></legend>
        <input type="text" id="username" placeholder="User name" data-clear-btn="true" autocomplete="off" title="User name" autofocus required />
        <input type="password" id="password" placeholder="Password" data-clear-btn="true" autocomplete="off" title="Password" required />
        <input type="submit" id="btn-form-login" class="btn btn-primary  btn-lg btn-block" style="margin-top:17px" value="Login">
    </form>  
</div>

js 

   // $('body').on('click', '#btn-form-login', function() {
   $("#login-form").submit(function(e){
        username = $("#username").val();
        password = $("#password").val();
        if(!console) {
            console = {};
            console.log = function() {};
        }
        console.log(username + " " + password);
            $.post(
                '/user/login',
                { username: username, password: password },
                function(res) {
                    $.session.set('username', username);
                    $.session.set('password', password);
                    window.location = res;
                },
                "json"
            )
            .fail(function(xhr, statusText, error){ 
                alert(xhr.status);
            });
            e.preventDefault();
    });
h2控制器

module.exports = {
    login: function(req, res) {
        console.log("controller works..");
        // To use mongo native query 
        User.native(function(err, collectionUser) {
            if(err) { return err; };
            if(!collectionUser) { return err; };
            collectionUser
            .find({'username' : req.param('username')})
            .nextObject(function (err, user) {
                if(err) { 
                    console.log('db error');
                    res.send(500, 'db error');
                    return err; 
                };
                if(!user) {
                    console.log('username error');
                    res.send(404, { error: 'username error'});
                };
                if(user) { 
                    if(user.password === req.param('password')) {
                        // Log user in
                        req.session.authenticated = true;
                        req.session.User = user;
                        var oldDateObj = new Date();
                        var newDateObj = new Date(oldDateObj.getTime() + 3600000);
                        req.session.cookie.expires = newDateObj;
                        user.online = true;
                        collectionUser.save(user, {w: 1}, function(err, user_id) {
                            if(err) {
                                res.send(500, 'There is an error when accessing db'n' + err);
                            }
                            // Inform other sockets
                            User.publishUpdate(user_id, {
                                loggedIn: true,
                                id: user._id,
                                name: user.username,
                                action: ' giriş yaptı.'
                            });
                            res.send("/user/show/" + user['_id']);                        
                        });
                    } else { 
                        console.log('password error'); 
                        res.send(400, 'password error');
                        //res.redirect('/'); 
                    } 
                };
            });
        });
    },
}

解决方案

1-配置Sails的跨站点请求保护使用POST方法-正如Zieaglar上面所说的。因此,

首先进入config/csrf.js并将布尔值更改为false。和其次,在表单标签

中添加以下代码
<input type='hidden' name='_csrf' value='<%= _csrf %>'>

2-删除POST方法中的dataType部分- "json"

相关文章: