+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30)
+--- Thread: CSRF regenerate with AJAX (/showthread.php?tid=76104)
Pages:
1
2
RE: CSRF regenerate with AJAX - Leo - 02-07-2023
(02-06-2023, 10:44 PM)SubrataJ Wrote: everything is cool but this still suxs when you are working on more than 1 tab.I imagine you can use a setInterval func. in javascript to retrieve a fresh version of the token in whichever tab you are working...OR
BEFORE submitting the form (ev.preventDefault()), you can call the function described above - or better yet, its vanilla javascript versionfunction - when I wrote it I used to use JQuery - but I definitely advise not to use it in this day and age.
RE: CSRF regenerate with AJAX - Gary - 02-26-2023
I'd suggest looking into the original security concept behind CSRF... I suspect accepting a request from any "used" token (when requesting the 2nd, 3rd, ... nth "fresh version" / new token) will compromise some of the original intent (and security) by breaking the singularity of the "active" thread between the client and the server which the CSRF tokens afford... though, perhaps it may still be good enough for some use-cases(?).