csrf令牌 - 技术栈

csrf令牌

烟雨666_java2024-11-07 16:02

csrf

get请求

路由

php 复制代码

//  index.php
Route::get('/', function () {
    // return view('welcome');
    return view('login');
});


Route::get('d3',function(Request $request){
    echo "输入的内容是" . "<font color=''>".$request -> input('mytext')."</font>";
});

视图

php 复制代码

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>
<body>
    <form action="http://localhost/index.php/d3" method="get">
        内容：<input type="text" name="mytext">
        <br>
        <input type="submit" value="提交" >
        

    </form>
</body>
</html>

post

在 form 表单中开启令牌

路由

php 复制代码

//  index.php
Route::get('/', function () {
    // return view('welcome');
    return view('login');
});


Route::post('d3',function(Request $request){
    echo "输入的内容是" . "<font color='red'>".$request -> input('mytext')."</font>";
});

php 复制代码

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Document</title>
</head>
<body>
    <form action="http://localhost/index.php/d3" method="post">

        @csrf
        <!-- 上面这行就是开启令牌 -->
        内容：<input type="text" name="mytext">
        <br>
        <input type="submit" value="提交" >


    </form>
</body>
</html>