我正在尝试在我的 Laravel 项目中实现 IPN,由于“csrf”,来 self 网站的发布请求正在工作,
我尝试像这里写的那样实现它:
https://developer.paypal.com/docs/api-basics/notifications/ipn/ht-ipn/
在我的routes/web.php中:
Route::post('i', [IController::class, 'y'])->name('i');
在 IController 中,侧面写的是:
public function y()
{
error_log('function y called');
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');............
error_log 没有显示,意味着该函数从未进入。
问题:我如何强制 Laravel 排除来自 Paypal 的帖子?
最佳答案
您可以在 Laravel 中从 CSRF 保护中排除 URI。
转到 App\Http\Middleware\VerifyCsrfToken
并添加要排除 csrf token 的 url。
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'i',
];
}
正如文档所说
Sometimes you may wish to exclude a set of URIs from CSRF protection. For example, if you are using Stripe to process payments and are utilizing their webhook system, you will need to exclude your Stripe webhook handler route from CSRF protection since Stripe will not know what CSRF token to send to your routes.
Typically, you should place these kinds of routes outside of the web middleware group that the App\Providers\RouteServiceProvider applies to all routes in the routes/web.php file. However, you may also exclude the routes by adding their URIs to the $except property of the VerifyCsrfToken middleware:
关于php - Laravel Paypal POST 请求被拒绝,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68125778/