WeChat AppletWeChat DevelopmentWeChat development tips: Solutions to the error config:invalid signature
WeChat development tips: The solution to the error config:invalid signature
WeChat public platform, the solution to the error config:invalid signature keeps popping up
If it is an invalid signature signature error. It is recommended to check in the following order:
1. Confirm that the signature algorithm is correct, and you can use the http://mp.weixin.qq.com/debug/cgi-bin/sandbox?t=jsapisign page tool for verification.
2. Confirm that the nonceStr (standard camel case capital S in js) and timestamp in the config are consistent with the corresponding noncestr and timestamp used in the signature.
3. Confirm that the URL is the complete URL of the page (please confirm on the current page alert(location.href.split(‘#’)[0])), including the ‘http(s)://’ part, and ‘? GET parameter part after ', but does not include the part after '#' hash.
4. Confirm that the appid in config is consistent with the appid used to obtain jsapi_ticket.
5. Make sure to cache access_token and jsapi_ticket.
This is the key point:
Make sure that the URL you obtain for signing is obtained dynamically. For dynamic pages, please refer to the PHP implementation in the example code. If it is a static page of html, the url is passed to the backend for signature through ajax on the front end. The front end needs to use js to get the link of the current page except the '#' hash part (can be obtained by location.href.split('#')[0], and encodeURIComponent is required), because once the page is shared, the WeChat client will add other parameters at the end of your link. If the current link is not obtained dynamically, the signature of the shared page will fail.
Teach how to verify whether it is correct:
The method of dynamically obtaining the url is:
$protocol = (!empty($_SERVER[HTTPS]) && $_SERVER[HTTPS] !== off || $_SERVER[SERVER_PORT] = = 443) ? "https://" : "http://";
$url = $protocol.$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI];
Steps:
First you are Page alert(location.href.split('#')[0]);
Then you print out whether the dynamically obtained URL is the same as the address of your alert. They must be exactly the same, including capitalization.
If you find something different, change it according to your needs. Anyway, it’s the same. The signature verification must pass.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Dreamweaver CS6
Visual web development tools
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
SublimeText3 Linux new version
SublimeText3 Linux latest version
SublimeText3 Mac version
God-level code editing software (SublimeText3)
