Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support I have a problem with ajax and csrf - The action you requested is not allowed.
I have a problem with ajax and csrf - The action you requested is not allowed.
  • Offline Secux
    Junior Member
  • **
  • Posts: 28
    Threads: 16
    Joined: May 2021
    Reputation: 0
#1
08-29-2021, 05:37 AM
(This post was last modified: 09-01-2021, 12:40 PM by Secux.)

Hello,
I have a problem with ajax and csrf. -
this is my code:
view:
Code:
<script>
$('#view').html('<i class="fa fa-spinner fa-spin  text_primary"></i>');
$.ajax({
url: "https://site.com/api/view",
type: "POST",
contentType: "application/json",
headers: {'X-Requested-With': 'XMLHttpRequest'},
data: {'<?= csrf_token() ?>':'<?= csrf_hash() ?>'},
cache: false,
success: function(data){
$('#view').html(data);
/* $.each(data, function(i,data){
json_data = '<tr>'+
'<td valign="top">'+
'<div class="feed_title">'+data.name+'</div>'+

'</td>'+
'</tr>';
$(json_data).appendTo('#view');
});*/
},error: function(xhr, status, error){
alert(xhr.responseText);

    }
           
});</script><script><script>


controller:
PHP Code:
public function view() {
 
        if ($this->request->getMethod() == 'post') {
 if ($this->Session->get('id') != NULL) {
 $data $this->Resume->where('userID'session()->get('id'))->orderBy('fromY''asc')->findAll();
 $response[] = array('status'  => '200');
 foreach($data as $row)
 {
 $response[] = array(
 "id" => $row['userID'],
"name" => $row['name'],
 );

 }

 } else {
 $response = [
 'status'  => '201',
 'error'    => 'No Data Found'
 ];
              
 }
 
 } else {

 $response = [
 'status'  => '201',
 'error'    => 'Request not allowed'
 ];
 
 } 
 
 return $this->response->setJSON($response);
 } 

error:

Code:
{
    "title": "CodeIgniter\\Security\\Exceptions\\SecurityException",
    "type": "CodeIgniter\\Security\\Exceptions\\SecurityException",
    "code": 403,
    "message": "The action you requested is not allowed.",
    "file": "/home/X/system/Security/Security.php",
    "line": 240,
    "trace": [
        {
            "file": "/home/X/system/Security/Security.php",
            "line": 240,
            "function": "forDisallowedAction",
            "class": "CodeIgniter\\Security\\Exceptions\\SecurityException",
            "type": "::"
        },
        {
            "file": "/home/X/system/Filters/CSRF.php",
            "line": 57,
            "function": "verify",
            "class": "CodeIgniter\\Security\\Security",
            "type": "->"
        },
        {
            "file": "/home/X/system/Filters/Filters.php",
            "line": 181,
            "function": "before",
            "class": "CodeIgniter\\Filters\\CSRF",
            "type": "->"
        },
        {
            "file": "/home/X/system/CodeIgniter.php",
            "line": 407,
            "function": "run",
            "class": "CodeIgniter\\Filters\\Filters",
            "type": "->"
        },
        {
            "file": "/home/X/system/CodeIgniter.php",
            "line": 336,
            "function": "handleRequest",
            "class": "CodeIgniter\\CodeIgniter",
            "type": "->"
        },
        {
            "file": "/home/X/public_html/index.php",
            "line": 36,
            "function": "run",
            "class": "CodeIgniter\\CodeIgniter",
            "type": "->"
        }
    ]
}
Reply


Messages In This Thread
I have a problem with ajax and csrf - The action you requested is not allowed. - by Secux - 08-29-2021, 05:37 AM



Theme © iAndrew 2016 - Forum software by © MyBB