Codeignitor 3 CSRF issue with ajax call before form submit |
I have a form that uses CI 3 CSRF with the following configuration:
Code: $config['csrf_protection'] = TRUE; In that form, I placed an ajax code that runs when I fill the username filed to check for its existance in the database. I'm using this library js-cookie to read the token from a cookie which will get it either I'm using a form or not. Code: $.ajax({ When I load my form I see that the csrf hidden field has a value like Code: <input type="hidden" name="csrf_token_name" value="b9839f6455e7992c6dee529fe066dfc4" /> When I enter a username the ajax call is run and I can see that the token 'csrf_token_name' saved in the cookie is different than the value in the form. If I submit the form I get "An Error Was Encountered. The action you have requested is not allowed." I guess the tokens are no longer the same so is there any solution to this except turning off the csrf_regenerate ? Thanks. |
Messages In This Thread |
Codeignitor 3 CSRF issue with ajax call before form submit - by CIDev - 08-13-2017, 08:41 AM
RE: Codeignitor 3 CSRF issue with ajax call before form submit - by InsiteFX - 08-14-2017, 04:21 AM
RE: Codeignitor 3 CSRF issue with ajax call before form submit - by CIDev - 08-14-2017, 04:30 AM
|