CakePHP CSRF验证

https://book.cakephp.org/4/en/security/csrf.html#csrf-protection

$token = $this->request->getAttribute('csrfToken');
$this->set('X-CSRF-Token', $token);

AJAX:

beforeSend: function (xhr) {
    xhr.setRequestHeader('X-CSRF-Token', $('[name="_csrfToken"]').val());
},