CSRF The action you have requested is not allowed |
09-25-2016, 10:07 AM
(This post was last modified: 09-25-2016, 10:11 AM by PaulD. Edit Reason: Minor typo ) Quote:I know this has been asked a bit but can not find suitable solution. So is this what is happening? 1. Page loads 2. Form submitted 3. Page loads with error messages 4. You manually press 'reload page' 5. Get CSRF error If so, then yes, this is what it should be doing. 1. Page loads (CSRF set to 'abc...') 2. Form submitted (CSRF checked, passes, reset to 'xyz...') 3. Page loads with error messages (Plus new CSRF code 'xyz...') 4. You manually press 'reload page' (Tries to reload the original post with 'abc' code) 5. Get CSRF error (CSRF checked, fails as sending 'abc...' but expecting 'xyz...') The only way to alter this behavior is to not reset the CSRF code automatically, which I do not recommend doing. What you are trying to overcome is exactly what CSRF is there to prevent, posting of form data that was either already posted or did not originate from the server. Sorry if that is not much help. What would represent a 'suitable solution' for you, how would you want it to behave? Paul. |
Messages In This Thread |
CSRF The action you have requested is not allowed - by wolfgang1983 - 09-24-2016, 01:25 AM
RE: CSRF The action you have requested is not allowed - by PaulD - 09-24-2016, 03:50 PM
RE: CSRF The action you have requested is not allowed - by wolfgang1983 - 09-24-2016, 04:31 PM
RE: CSRF The action you have requested is not allowed - by PaulD - 09-25-2016, 10:07 AM
RE: CSRF The action you have requested is not allowed - by blaasvaer - 11-20-2017, 01:46 AM
RE: CSRF The action you have requested is not allowed - by dave friend - 11-20-2017, 03:34 PM
RE: CSRF The action you have requested is not allowed - by tommebasso - 11-24-2016, 11:19 PM
|