Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support Issues with CSRF in CI4 tutorial
Issues with CSRF in CI4 tutorial
  • Offline joho
    CI noob
  • ***
  • Posts: 85
    Threads: 29
    Joined: Mar 2023
    Reputation: 2
#3
04-03-2023, 04:00 AM
(This post was last modified: 04-03-2023, 04:11 AM by joho. Edit Reason: Formatting )

I've checked "my" code against the code at the URL you prevented, and I can't see any differences.

Could this have something to do with these settings in .env? Do I need to modify them elsewhere to match this perhaps?

Code:
security.csrfProtection = 'cookie'
security.tokenRandomize = false
security.tokenName = 'ltest2_csrf_token_name'
security.headerName = 'X-CSRF-TOKEN'
security.cookieName = 'ltest2_csrf_cookie'
security.expires = 7200

Or, could it have something to do with me using https://my.host.name/sub-directory/ for the tutorial?
OK. Found it. Duh!

Apparently, PHP does not mind if you enter a pool configuration value as "MB" instead of "M", it just silently ignores it and sets it to zero. So I had post_max_size set to 10MB instead of 10M, so no post data was getting through at all. This became obvious when checking the PHP error log file.

So, my bad, all is well for now :-)
Reply


Messages In This Thread
Issues with CSRF in CI4 tutorial - by joho - 03-31-2023, 02:48 AM
RE: Issues with CSRF in CI4 tutorial - by kenjis - 04-01-2023, 04:46 AM
RE: Issues with CSRF in CI4 tutorial - by joho - 04-04-2023, 12:08 AM
RE: Issues with CSRF in CI4 tutorial - by joho - 04-03-2023, 04:00 AM



Theme © iAndrew 2016 - Forum software by © MyBB