| Add CSRF error 'the action you have requested is not allowed' |
|
I added csrf field to my form like that:
<input type="hidden" name="<?= csrf_token() ?>" value="<?= csrf_hash() ?>" /> And I send request using POST method. When I submit my form, I've got error 'the action you have requested is not allowed'. How to repair it? My App.php: [...] public $sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler'; public $sessionCookieName = 'my_session'; public $sessionExpiration = 7200; public $sessionSavePath = WRITEPATH . 'session'; public $sessionMatchIP = false; public $sessionTimeToUpdate = 300; public $sessionRegenerateDestroy = false; public $cookiePrefix = ''; public $cookieDomain = 'http://localhost:8080'; public $cookiePath = '/'; public $cookieSecure = false; public $cookieHTTPOnly = false; public $CSRFTokenName = 'csrf'; public $CSRFHeaderName = 'X-CSRF-TOKEN'; public $CSRFCookieName = 'csrf'; public $CSRFExpire = 700; public $CSRFRegenerate = false; public $CSRFRedirect = true; [..] Thanks for any help 
did you enable in Filters.php ?
public $globals = [ 'before' => [ //'honeypot' 'csrf' ] ]; I can confirm your approach must be Ok since i'm using exacly the same approach in my forms eg Code: <input type="hidden" name="<?= csrf_token() ?>" value="<?= csrf_hash() ?>" /> |
| Welcome Guest, Not a member yet? Register Sign In |
