我正在尝试从本地主机上的两个不同端口建立Web套接字连接。我正在使用Sente和Immutant。我有以下内容,但尝试连接时会返回403禁止
Server.clj
(defn handler
"Comment"
[]
"<h1>Hello World</h1>")
(let [{:keys [ch-recv send-fn connected-uids
ajax-post-fn ajax-get-or-ws-handshake-fn]}
(sente/make-channel-socket! (get-sch-adapter) {})]
(def ring-ajax-post ajax-post-fn)
(def ring-ajax-get-or-ws-handshake ajax-get-or-ws-handshake-fn)
(def ch-chsk ch-recv) ; ChannelSocket's receive channel
(def chsk-send! send-fn) ; ChannelSocket's send API fn
(def connected-uids connected-uids) ; Watchable, read-only atom
)
(defroutes app
"The router."
(GET "/" [] (handler))
(GET "/chsk" req (ring-ajax-get-or-ws-handshake req))
(POST "/chsk" req (ring-ajax-post req))
(route/not-found
"<h1>Page not found</h1>"))
(def my-app
(-> app
;; Add necessary Ring middleware:
ring.middleware.keyword-params/wrap-keyword-params
ring.middleware.params/wrap-params))
(def wrapped
(wrap-cors my-app :access-control-allow-origin [#".*"]
:access-control-allow-methods [:get :put :post :delete]))
(defn -main
"Start the server"
[& args]
(immutant/run wrapped {:host "localhost" :port 8080 :path "/"}))
这不会引发任何错误,并且“ /”路由正确显示。
Client.cljs
(let [{:keys [chsk ch-recv send-fn state]}
(sente/make-channel-socket! "/chsk" ; Note the same path as before
"sdasds" ; dummy
{:type :auto ; e/o #{:auto :ajax :ws}
:host "localhost:8080/"
}
)]
(def chsk chsk)
(def ch-chsk ch-recv) ; ChannelSocket's receive channel
(def chsk-send! send-fn) ; ChannelSocket's send API fn
(def chsk-state state) ; Watchable, read-only atom
)
这会在尝试连接时抛出403错误。我不确定为什么要这样做,我已经看了一段时间,但结果却很短。
我相信这是CSRF反伪造的问题:
这很重要。 Sente有支持,但是您需要使用诸如环防伪的中间件来生成和检查CSRF代码。应当覆盖环-ajax-post处理程序(即,对其进行保护)。
在Sente official example中,他们显示了如何正确设置它。