0
此代码来自Laravel,VerifyCsrfToken.php。这是评论解释一些事情。我正在通过restangular从Angular向Laravel发送一个请求。令牌被正确发送(我认为),但解密一个无效的数据异常。我可以通过在最后删除Decrypt调用来使代码生效。我看了看,发现没有参考头需要加密之前发送,我甚至不知道如何做到这一点。加密发送给Laravel的头文件?
protected function tokensMatch($request)
{
$token = $request->session()->token();
//from log, $token = UD6zHpg6lQYa9Xdz69kmOa3D2BBr12ErbhJD744x
$header = $request->header('X-XSRF-TOKEN');
//from log, $header = UD6zHpg6lQYa9Xdz69kmOa3D2BBr12ErbhJD744x
if (StringUtils::equals($token, $header)) Log::info('Token' . $token . " -- Header " . $header);
return StringUtils::equals($token, $request->input('_token')) ||
($header && StringUtils::equals($token, $this->encrypter->decrypt($header)));
//original line - Decrypt Error - invalid data
($header && StringUtils::equals($token, $header));
//my alternative - works!
//HOW SHOULD THE HEADER BE ENCRYPTED when sent????
//MY Current HEADER...
//X-XSRF-TOKEN: UD6zHpg6lQYa9Xdz69kmOa3D2BBr12ErbhJD744x
}