Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help CI 4.5.1 CSRF - The action you requested is not allowed.
CI 4.5.1 CSRF - The action you requested is not allowed.
  • Offline jackvaughn03
    Newbie
  • *
  • Posts: 1
    Threads: 1
    Joined: Apr 2024
    Reputation: 0
#1
04-23-2024, 10:17 PM
(This post was last modified: 04-23-2024, 10:35 PM by jackvaughn03.)

Hello experts,

Has anyone encountered the same issue as mine after updating from CI4.4.5 to CI4.5.1? 
Submitting a form with CSRF configuration previously posed no problem.
However, now I can't submit the form using ajax unless I configure it as expected in the filter. 
I need some routes to not be excepted in the filter (csrf->except->[]) configuration.

Thank you in advance.


[Image: Screenshot-2024-04-24-130236.png]
Reply
  • Offline BhambriRohunu
    Newbie
  • *
  • Posts: 5
    Threads: 2
    Joined: May 2023
    Reputation: 0
#2
04-24-2024, 11:01 PM

Hey there,

Yes, CI 4.5.1 tightened CSRF handling. To exclude routes, use csrf_exclude() in your controller:

PHP
$this->protectExcept(['route1', 'route2']);

This allows AJAX form submissions without CSRF validation on those routes.
Reply
  • Offline kenjis
    Administrator
  • *******
  • Posts: 3,353
    Threads: 91
    Joined: Oct 2014
    Reputation: 209
#3
04-25-2024, 12:39 AM

@BhambriRohunu Excuese me, are you a bot? Your comment is nonsense.
ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper
Reply




Theme © iAndrew 2016 - Forum software by © MyBB