Problem with jquery-file-upload and csrf-magic #6
Comments
|
Seems I was able to fix this by extending the process method like so: Will have to test this a little more. |
|
hi, On 5/21/15, Bianka Martinovic [email protected] wrote:
|
|
Uhm, what do you mean? |
|
i meant will you tell me the steps to reproduce for my php based On 5/21/15, Bianka Martinovic [email protected] wrote:
|
|
In my case, the jQuery plugin sends an object instead of a string. When csrf-magic prepends the form data with the token, result is The part before the & is the token string, the part after would be an object, but now it's cast to a string. The result is an invalid query string, so no data is posted to the PHP script on the server side. To find this, I used Firebug to see what is sent to the server (console window). After adding the patch shown above all works fine for me. |
Thanks to @webbird
|
I also ran into this issue and used the same fix, but I had to add it in the CsrfMagic.prototype.send() method as well. You could call the process() method, in order to avoid duplicate code. send: function(data) {
if (!this.csrf_isPost) return this.csrf_send(data);
prepend = csrfMagicName + '=' + csrfMagicToken + '&';
if (this.csrf_purportedLength === undefined) {
this.csrf_setRequestHeader("Content-length", this.csrf_purportedLength + prepend.length);
delete this.csrf_purportedLength;
}
delete this.csrf_isPost;
// Fix to work with FormData objects.
if (typeof data == 'object') {
data[csrfMagicName] = csrfMagicToken;
return this.csrf_send(data);
}
return this.csrf_send(prepend + data);
}, |
I am having a problem combining csrf-magic and jquery-file-upload by blueimp. When trying to send the files (i.e. send the upload form), the csrf-magic.js prepends the data with it's token. Result is an invalid post:
__csrf_magic=sid:d0a151fd235a4f1302269149a01afe55a45db3de,1432143876&[object FormData]
The server side script now gets nothing as the query string is invalid.
Any ideas?
The text was updated successfully, but these errors were encountered: