| CSRF Token AJAX |
|
Hi, yes, that would be the correct outcome if you have $config['csrf_regenerate'] = TRUE, which looks like you do.
The CI guide: "Tokens may be either regenerated on every submission (default) or kept the same throughout the life of the CSRF cookie. The default regeneration of tokens provides stricter security, but may result in usability concerns as other tokens become invalid (back/forward navigation, multiple tabs/windows, asynchronous actions, etc)." - https://www.codeigniter.com/user_guide/l...rgery-csrf As Kmycic states, you need to return a new CSRF token in your ajax response and then have JS update your form field if you wish to submit the form again. In addition to that, you are using the form_open function which will add your CSRF token to the form, there is no need to add it directly to the java script function. I would look at the ajax serialize function which will include the hidden CSRF token when the form is submitted. |
| Messages In This Thread |
|
CSRF Token AJAX - by buzztomi - 03-15-2018, 07:22 PM
RE: CSRF Token AJAX - by Kmycic - 03-16-2018, 12:15 AM
RE: CSRF Token AJAX - by InsiteFX - 03-16-2018, 04:39 AM
RE: CSRF Token AJAX - by buzztomi - 03-18-2018, 06:50 PM
RE: CSRF Token AJAX - by buzztomi - 03-22-2018, 07:46 PM
RE: CSRF Token AJAX - by Mr Lister - 03-22-2018, 08:29 PM
RE: CSRF Token AJAX - by hieuhuynh - 03-22-2018, 09:41 PM
RE: CSRF Token AJAX - by InsiteFX - 03-23-2018, 03:46 AM
|
