Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Is there a fix for the CSRF "The action you have requested is not allowed" issue?
Is there a fix for the CSRF "The action you have requested is not allowed" issue?
  • El Forum
    Unregistered
  •  
#5
12-07-2012, 11:58 AM

[eluser]CroNiX[/eluser]
[quote author="amircoco" date="1354900516"]I've been having the same problem and after many tracing I found out a bug in codeigniter 2.0 which is in xss_clean function in codeigniter/libraries/Form_validation.php

Code:
if ( ! isset($this->CI->security))

I changed to this

Code:
$CI =& get_instance();
if ( ! isset($CI->security))

and it works correctly.

It had loaded security class twice and cookies had been unset so the form token hadn't equaled to the cooky after one submit[/quote]
Please file an official bug report on github, or this likely won't get fixed. If you submit a pull request with your changes - that would be even better.


Messages In This Thread
Is there a fix for the CSRF "The action you have requested is not allowed" issue? - by El Forum - 12-07-2012, 11:58 AM



Theme © iAndrew 2016 - Forum software by © MyBB