php laravel 5.5 由于不活动,页面已过期。请刷新并重试
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/46149561/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
laravel 5.5 The page has expired due to inactivity. Please refresh and try again
提问by Svetlozar
I'm new with Laravel and I have a problem which I don't understand. I have а log form in my project and my method is POST. When I try a request the result is:
我是 Laravel 的新手,我有一个我不明白的问题。我的项目中有一个日志表单,我的方法是POST。当我尝试请求时,结果是:
'The page has expired due to inactivity. Please refresh and try again.'
'由于不活动,页面已过期。请刷新并重试。
But if I change the method to GET, It works fine.
但是如果我将方法更改为GET,它工作正常。
Can someone tell me why is that and how to fix it? because of course I need POST method.
有人能告诉我这是为什么以及如何解决吗?因为我当然需要 POST 方法。
回答by Erik Baars
This problem comes from the CSRF token verification which fails. So either you're not posting one or you're posting an incorrect one.
此问题来自失败的 CSRF 令牌验证。所以要么你没有发布一个,要么你发布了一个不正确的。
The reason it works for GET is that for a GET route in Laravel, there is no CSRF token posted.
它适用于 GET 的原因是,对于 Laravel 中的 GET 路由,没有发布 CSRF 令牌。
You can either post a CSRF token in your form by calling:
您可以通过调用以下方式在表单中发布 CSRF 令牌:
{{ csrf_field() }}
Or exclude your route (NOT RECOMMENDED DUE TO SECURITY) in app/Http/Middleware/VerifyCsrfToken.php:
或排除您的路线(出于安全原因不推荐)app/Http/Middleware/VerifyCsrfToken.php:
protected $except = [
'your/route'
];
回答by Maniruzzaman Akash
In my case, I've got the same error message and then figured out that I've missed to add csrf_tokenfor the form field. Then add the csrf_token.
就我而言,我收到了相同的错误消息,然后发现我错过了csrf_token为表单字段添加内容。然后添加csrf_token.
Using form helper that will be,
使用表单助手,
{{ csrf_field() }}
Or without form helper that will be,
或者没有表单助手,
<input type="hidden" name="_token" value="{{ csrf_token() }}">
If that doesn't work, then-
如果那不起作用,那么-
Refresh the browser cache
刷新浏览器缓存
and now it might work, thanks.
现在它可以工作了,谢谢。
Update For Laravel 5.6
Laravel 5.6 更新
Laravel integrates new @csrfinstead of {{ csrf_field() }}. That looks more nice now.
Laravel 集成了 new@csrf而不是{{ csrf_field() }}. 现在看起来更漂亮了。
<form action="">
@csrf
...
</form>
回答by Udhav Sarvaiya
Anytime you define an HTML form in your application, you should include a hidden CSRF token field in the form so that the CSRF protection middleware can validate the request. You may use the csrf_fieldhelper to generate the token field:
任何时候在应用程序中定义 HTML 表单时,都应该在表单中包含一个隐藏的 CSRF 令牌字段,以便 CSRF 保护中间件可以验证请求。您可以使用csrf_field助手生成令牌字段:
<form method="POST" action="/profile">
{{ csrf_field() }}
...
</form>
It doesn't work, then Refresh the browser cache and now it might work,
它不起作用,然后刷新浏览器缓存,现在它可能会起作用,
For more details open link :- CSRF Protection in Laravel 5.5
有关更多详细信息,请打开链接:- Laravel 5.5 中的 CSRF 保护
UPDATE:
更新:
With Laravel 5.6 using Blades templates, it's pretty easy.
Laravel 5.6 使用 Blades 模板,这很容易。
<form method="POST" action="/profile">
@csrf
...
</form>
For more details open link :- CSRF Protection in Laravel 5.6
有关更多详细信息,请打开链接:- Laravel 5.6 中的 CSRF 保护
回答by Youssouf Cherif
Verify that your config/session.php file contains this line
验证您的 config/session.php 文件包含这一行
'domain' => env('SESSION_DOMAIN', null),
Then remove the SESSION_DOMAINline in your .env file
然后删除SESSION_DOMAIN.env 文件中的行
回答by Sayed Mohammad Amin Emrani
i had same problem. use 'clear browsing data' in chrome. maybe solve your problem.
我有同样的问题。在 chrome 中使用“清除浏览数据”。也许能解决你的问题。
回答by José Ricardo Júnior
This happens because you are using the default CSRV middleware from Laravel's installation. To solve, remove this line from your Kernel.php:
发生这种情况是因为您使用的是 Laravel 安装中的默认 CSRV 中间件。要解决此问题,请从 Kernel.php 中删除此行:
\App\Http\Middleware\VerifyCsrfToken::class,
This is fine if you are build an API. However, if you are building a website this is a security verification, so be aware of its risks.
如果您正在构建 API,这很好。但是,如果您正在构建网站,这是一项安全验证,因此请注意其风险。
回答by Ayan Mohammad
In my case , I added ob_start(); at the top of my index.phpon server and everything seems to be working fine.
就我而言,我添加了 ob_start(); 在服务器上的index.php顶部,一切似乎都运行良好。
回答by Rayton Kiwelu
Tried different solutions to solve the problem for several weeks without success.
几个星期尝试了不同的解决方案来解决问题,但没有成功。
The problem I was facing was caused by upgrading from laravel 5.0 to 5.5 and forgot to update config/session.php
我面临的问题是由于从 laravel 5.0 升级到 5.5 而忘记更新 config/session.php
If anyone is facing the problem, try to update the config/session.php to match the version on Laravel you are running
如果有人遇到问题,请尝试更新 config/session.php 以匹配您正在运行的 Laravel 版本
回答by Ahmed Marzouk
I had the same problem, I have tried many solutions. but none worked for me. then I found out that for some reason I was using this in my .env file:
我遇到了同样的问题,我尝试了很多解决方案。但没有一个对我有用。然后我发现由于某种原因我在我的 .env 文件中使用了它:
SESSION_DOMAIN= myapp.me
SESSION_DOMAIN= myapp.me
and as soon as I put it back to null, everything worked just fine.
一旦我把它放回空,一切都很好。
回答by Abid Shah
First, include csrf in your form.
首先,在表单中包含 csrf。
{{ csrf_field() }}
if the problem didn't solve, then use ob_start();at the very start of index.php.
如果问题没有解决,则ob_start();在 index.php 的最开始使用。
<?php ob_start();
