可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
I do an ajax call but I keep getting this error:
419 (unknown status)
No idea what is causing this I saw on other posts it has to do something with csrf token but I have no form so I dont know how to fix this.
my call:
$('.company-selector li > a').click(function(e) { e.preventDefault(); var companyId = $(this).data("company-id"); $.ajax({ headers: { 'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content') }, url: '/fetch-company/' + companyId, dataType : 'json', type: 'POST', data: {}, contentType: false, processData: false, success:function(response) { console.log(response); } }); });
My route:
Route::post('fetch-company/{companyId}', 'HomeController@fetchCompany');
My controller method
/** * Fetches a company * * @param $companyId * * @return array */ public function fetchCompany($companyId) { $company = Company::where('id', $companyId)->first(); return response()->json($company); }
The ultimate goal is to display something from the response in a html element.
回答1:
Use this in the head section:
and get the csrf token in ajax:
$.ajaxSetup({ headers: { 'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content') } });
回答2:
Another way to resolve this is to use the _token field in ajax data and set the value of {{csrf_token()}} in blade. Here is a working code that I just tried at my end.
$.ajax({ type: "POST", url: '/your_url', data: { somefield: "Some field value", _token: '{{csrf_token()}}' }, success: function (data) { console.log(data); }, error: function (data, textStatus, errorThrown) { console.log(data); }, });
回答3:
This is similar to Kannan's answer. However, this fixes an issue where the token should not be sent to cross-domain sites. This will only set the header if it is a local request.
HTML:
JS:
$.ajaxSetup({ beforeSend: function(xhr, type) { if (!type.crossDomain) { xhr.setRequestHeader('X-CSRF-Token', $('meta[name="csrf-token"]').attr('content')); } }, });
回答4:
Even though you have a csrf_token, if you are authenticate your controller actions using Laravel Policies you can have 419 response as well. In that case you should add necessary policy functions in your Policy class.
回答5:
If you already done the above suggestions and still having the issue.
Make sure that the env variable:
SESSION_SECURE_COOKIE
Is set to false if you don't have a SSL certificate, like on local.
回答6:
in my case i forgot to add csrf_token input to the submitted form. so i did this HTML:
JS:
//setting containers var _token = $('input#_token').val(); var l_img = $('input#l_img').val(); var formData = new FormData(); formData.append("_token", _token); formData.append("l_img", $('#l_img')[0].files[0]); if(!l_img) { //do error if no image uploaded return false; } else { $.ajax({ type: "POST", url: "/my_url", contentType: false, processData: false, dataType: "json", data : formData, beforeSend: function() { //do before send }, success: function(data) { //do success }, error: function(jqXhr, textStatus, errorThrown) //jqXHR, textStatus, errorThrown { if( jqXhr.status === "422" ) { //do error } else { //do error } } }); } return false; //not to post the form physically
