• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
CSRF + ajax/jquery problem

#2
You will need to return the new CSRF hash value to your ajax success method and use the value to update the hidden CSRF field.

In the controller you can use the security class to get the CSRF token name and hash like this

PHP Code:
$token $this->security->get_csrf_token_name();
$hash $this->security->get_csrf_hash(); 

Then, assuming you will return json data, echo a json encoded array containing this info... and anything else needed to update the page.

PHP Code:
echo json_encode(array('token' => $token'hash' => $hash'other' => $something'more_stuff' => $more); 

Then, back at the .ajax success function, some javascript along these lines to update the CSRF field

Code:
success: function (results) {
   //find the CSRF field and update with new hash value
   $("input[name=" + results.token + "]").val(results.hash);

  // code for refreshing other stuff...
},
Reply


Messages In This Thread
CSRF + ajax/jquery problem - by fedde - 09-08-2017, 09:58 AM
RE: CSRF + ajax/jquery problem - by dave friend - 09-08-2017, 02:44 PM
RE: CSRF + ajax/jquery problem - by fedde - 09-08-2017, 10:53 PM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.