| CSRF except filter is not working |
|
I am trying to set up a webhook for Stripe and I have my route for that set to `/subscription/webhooks`. I've added this URI to my CSRF except filter:
Code: public $globals = [This doesn't work. I've tried creating a test form with PHP Code: <?= csrf_field() ?> PHP Code: <?= csrf_field() ?> CI version: 4.4.1 Local server: nginx
CSRF filter set up in "after"?
See command https://codeigniter4.github.io/userguide...lter-check
The documentation says to put the csrf filter with the except array in 'before'. I ran the spark command to see what filters are running for that URI and it is still showing csrf being run. Even if I comment out the csrf line altogether, it is still being run. Where else could this be coming from?
Probaly subscription/webhooks/* as pattern?
(10-24-2023, 08:24 AM)ozornick Wrote: Probaly subscription/webhooks/* as pattern? When I add that I get csrf twice when I run the spark filter:check command Code: +--------+-----------------------+----------------+---------------+
> Where else could this be coming from?
In a route? https://codeigniter4.github.io/CodeIgnit...ng-filters (10-24-2023, 03:14 PM)kenjis Wrote: > Where else could this be coming from? Here is the route for this URI Code: $routes->post("subscription/webhooks","App\Subscription::webhooks");With this after all the other routes. Code: service('auth')->routes($routes);The isn't any CSRF filter on any of my routes in `Config/Routes.php` |
| Welcome Guest, Not a member yet? Register Sign In |
MENU
EXTRA MENU
ABOUT US
CodeIgniter is a powerful PHP framework with a very small footprint, built for developers who need a simple and elegant toolkit to create full-featured web applications.
