CodeIgniter CSRF Protection With Ajax

CodeIgniter CSRF Protection With Ajax

spjonez
Member
Posts: 213
Threads: 16
Joined: Oct 2014
Reputation: 10

09-16-2016, 11:40 AM

(09-15-2016, 06:05 AM)SammieL Wrote: But the cookie is read on-click event. That's for example, when the submit button is clicked, the cookie is read. So I assume that it will always contain current csrf_token that matches the one in the server.

Cookies are static data stored in your web browser and will not update unless you tell them to. If you are regenerating CSRF tokens per request your cookie will always have the first value you gave it and not the new value after each request.

Messages In This Thread

CodeIgniter CSRF Protection With Ajax - by SammieL - 09-15-2016, 02:54 AM

RE: CodeIgniter CSRF Protection With Ajax - by spjonez - 09-15-2016, 05:52 AM

RE: CodeIgniter CSRF Protection With Ajax - by SammieL - 09-15-2016, 06:05 AM

RE: CodeIgniter CSRF Protection With Ajax - by spjonez - 09-16-2016, 11:40 AM

RE: CodeIgniter CSRF Protection With Ajax - by dave friend - 09-15-2016, 06:30 AM

RE: CodeIgniter CSRF Protection With Ajax - by Tagzx - 06-06-2017, 06:01 PM