我认为用了jQuery POST数据发送到我的控制器,但它的失败,我得到以下错误,当安全问题工作是通过一起去除该控制器中的安全性。发送POST请求王氏CakePHP的
这里的控制器有问题的前过滤器
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('help','submit_bank_info');
$this->Auth->authorize = 'Controller';
}
如果看到这个蛋糕上的文档
When using the Security Component you must use the FormHelper to create your forms. In addition, you must not override any of the fields’ “name” attributes. The Security Component looks for certain indicators that are created and managed by the FormHelper (especially those created in create() and end()). Dynamically altering the fields that are submitted in a POST request (e.g. disabling, deleting or creating new fields via JavaScript) is likely to trigger a black-holing of the request. See the $validatePost or $disabledFields configuration parameters.
我使用的版本2.3.8。有什么方法可以禁用该操作,以便我可以为其他操作保留安全组件?
确实/设置/帮助或确实/帮助工作? – Adder
是的,但那些不是基于javascript/jquery的表单。他们是用表单助手构建的。出于几个原因,我不得不使用javascript/jquery作为“submit_bank_info”。我正在使用平衡付款卡处理。 – user1406951