问题描述
我知道VerifyCsrfToken
中间件(app/Http/Middleware/VerifyCsrfToken.php
)的$except
属性,但是我正在寻找一种从我的程序包中执行类似操作的方法(因此,安装它的用户不必修改他们的VerifyCsrfToken.php
作为我上班的路线.
I am aware of the $except
property of the VerifyCsrfToken
middleware (app/Http/Middleware/VerifyCsrfToken.php
) but I am looking for a way to do something similar from my package (so the users who install it don't have to modify their VerifyCsrfToken.php
for my route to work).
我能够在包中定义路由,但是我不知道如何从默认中间件中排除其中的一个(或多个)路由.我尝试在自己的软件包上扩展Illuminate\Foundation\Http\Middleware\VerifyCsrfToken
,但没有运气.
I am able to define routes on my package but I have no idea how to exclude one (or more) of them from the default middleware. I have tried extending Illuminate\Foundation\Http\Middleware\VerifyCsrfToken
on my own package with no luck.
推荐答案
不,没有.当在app/Http/Kernel.php
类的$middleware
属性中提供中间件时,始终会执行中间件.
No, there is not. Middleware is always executed when provided in the $middleware
property of your app/Http/Kernel.php
class.
这是一件好事.您想让开发人员完全控制他们是否要在其应用程序中启用安全检查.
This is a good thing. You want to give the developers full control on whether or not they want to enable security checks in their application.
如果您确实在路由上需要一个例外,则可以简单地要求将例外手动添加到VerifyCsrfToken
类中.
If you really need an exception on the route, you can simply ask to manually add the exception to the VerifyCsrfToken
class.
据我所知,服务容器绝对不能访问VerifyCsrfToken
类中的$except
数组.即使您找到创建中间件实例的方法,内核也将创建中间件类的新实例.由于例外列表不是静态列表,因此无法更改.
The $except
array in the VerifyCsrfToken
class is in no way accessible by the Service Container as far as I know. Even if you could find a way to create an instance of the middleware, the Kernel will just create a new instance of the middleware classes. Because the list of exceptions isn't static, it is impossible to change this.
这篇关于有没有办法在Laravel 5的软件包中从CSRF保护中排除路由?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!