优化手机输入及钓鱼
+29
-2
@@ -3,6 +3,9 @@
|
||||
use Illuminate\Foundation\Application;
|
||||
use Illuminate\Foundation\Configuration\Exceptions;
|
||||
use Illuminate\Foundation\Configuration\Middleware;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Session\TokenMismatchException;
|
||||
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
|
||||
|
||||
return Application::configure(basePath: dirname(__DIR__))
|
||||
->withRouting(
|
||||
@@ -30,10 +33,34 @@ return Application::configure(basePath: dirname(__DIR__))
|
||||
$middleware->redirectGuestsTo('/');
|
||||
})
|
||||
->withExceptions(function (Exceptions $exceptions): void {
|
||||
$isChatAjaxRequest = static function (Request $request): bool {
|
||||
return $request->expectsJson() && $request->is(
|
||||
'room/*/send',
|
||||
'room/*/heartbeat',
|
||||
'room/*/leave',
|
||||
'room/*/announcement',
|
||||
'gift/*',
|
||||
'command/*',
|
||||
'chatbot/*',
|
||||
'shop/*'
|
||||
);
|
||||
};
|
||||
|
||||
// 聊天室 AJAX 接口:CSRF token 过期(419)时,返回 JSON 提示而非重定向
|
||||
// 防止浏览器收到 302 后以 GET 方式重请求只允许 POST 的路由,产生 405 错误
|
||||
$exceptions->render(function (\Illuminate\Session\TokenMismatchException $e, \Illuminate\Http\Request $request) {
|
||||
if ($request->is('room/*/send', 'room/*/heartbeat', 'room/*/leave', 'room/*/announcement', 'gift/*', 'command/*', 'chatbot/*', 'shop/*')) {
|
||||
$exceptions->render(function (TokenMismatchException $e, Request $request) use ($isChatAjaxRequest) {
|
||||
if ($isChatAjaxRequest($request)) {
|
||||
return response()->json([
|
||||
'status' => 'error',
|
||||
'message' => '页面已过期,请刷新后重试。',
|
||||
], 419);
|
||||
}
|
||||
});
|
||||
|
||||
// Laravel 在某些环境下会先把 TokenMismatchException 包装成 419 HttpException,
|
||||
// 这里补一层兜底,确保聊天接口始终返回稳定的 JSON,而不是默认 HTML 错误页。
|
||||
$exceptions->render(function (HttpExceptionInterface $e, Request $request) use ($isChatAjaxRequest) {
|
||||
if ($e->getStatusCode() === 419 && $isChatAjaxRequest($request)) {
|
||||
return response()->json([
|
||||
'status' => 'error',
|
||||
'message' => '页面已过期,请刷新后重试。',
|
||||
|
||||
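Review bot: The new `$isChatAjaxRequest` helper adds `$request->expectsJson()` to the path match, so a POST to `room/*/send`, `room/*/leave` or any other listed route that carries neither `X-Requested-With: XMLHttpRequest` nor a JSON `Accept` header no longer gets the 419 JSON body and falls back to the default handling that the comment above the first `render()` call wants to avoid. The callers are not visible here; if any of them use a plain `fetch()` or `navigator.sendBeacon()` without those headers, either keep the path-only test (`return $request->is('room/*/send', /* … */ 'shop/*');`) or add a comment on the closure stating that every chat client must send `Accept: application/json`. The CSRF rejection itself is unaffected either way; only the response format depends on these client-supplied headers. Separately, the comment on the `HttpExceptionInterface` callback says the wrapping happens in some environments; as far as I know the framework's handler converts `TokenMismatchException` into a 419 `HttpException` before render callbacks run, so the `TokenMismatchException` callback may never match and is worth confirming with a feature test. The `withExceptions` closure and the second JSON response continue past the last line shown.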