Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support Inexplicable CSRF Error
Inexplicable CSRF Error
  • Offline donpwinston
    Web Developer
  • ****
  • Posts: 271
    Threads: 64
    Joined: Jan 2016
    Reputation: 7
#1
Question  09-20-2024, 09:09 AM

I'm pulling my hair out trying to figure out why CI is not matching my CSRF token value. What else could cause this error? (error is equal to "old"). What does that mean? I've got a hidden csrf field and value in my view's form with method="post". Why would it not match the one CI is looking for? I've a zillion pages with forms like this. All of the others work as expected. Usually when I get the "The action you requested is not allowed" error is because I forgot to add 
PHP Code:
<?= csrf_field() ?>


Code:
Session User Data
__ci_last_regenerate 1726847150
_ci_previous_url https://dev-bnc4-web7.bsg.na.baesystems.com/user/otp/146/[email protected]
csrf_token_name a4cabeb296c28a07509bce759502297e
forgot_username 1
otp_errors 1
error The action you requested is not allowed.
__ci_vars
Array
(
    [error] => old

)
Simpler is always better
Reply
  • Offline donpwinston
    Web Developer
  • ****
  • Posts: 271
    Threads: 64
    Joined: Jan 2016
    Reputation: 7
#2
09-22-2024, 10:37 AM
(This post was last modified: 09-22-2024, 10:41 AM by donpwinston.)

I've got it working now but I don't know what I did to fix it. There was some other what I believe to be unrelated bugs I fixed and then it started working as expected.

I think it was an issue peculiar to Safari. It somehow matches my emails with my time restricted onetime passcode field and auto populates the field in my form for me.. I just have to click the little blue popup field next the form's passcode field in the browser. It must use the name and/or label of the passcode field and scrapes my email to hook it all together?
Simpler is always better
Reply




Theme © iAndrew 2016 - Forum software by © MyBB