| ajax problem |
[eluser]jairoh_[/eluser]
can someone help me pls? supposedly it will alert a message from a controller function. but an error will be thrown. tnx here is my ajax call http://imageshack.us/photo/my-images/706/90982823.png/ here is my function http://imageshack.us/photo/my-images/845/function.png/ here is the error http://imageshack.us/photo/my-images/593/errorfv.png/
[eluser]jairoh_[/eluser]
i solved it. i just set csrf_protection into FALSE. is it a bug? i just wanted it to be set into TRUE
[eluser]TheFuzzy0ne[/eluser]
Hmm... It might be. It seems that when CSRF is enabled, CodeIgniter expects ALL forms to submit a CSRF token. It is possible to disable it by adding a bit of logic to your config file to check the URL and set it to FALSE is the URL matches. Another workaround might be to base64_encode() your AJAX parameters, and use GET.
[eluser]jairoh_[/eluser]
i just knew that setting csrf doesn't support ajax. and codeigniter 2.0 has already a built in csrf protection for forms. 
[eluser]TheFuzzy0ne[/eluser]
The built-in CSRF protection you're talking about only works when you enable CSRF protection in your config, and use form_open() in your views. As I suggested, you can add some logic in your configuration file, to disable it for specific URLs. I think that you're referring to XSS, which is not the same as CSRF.
[eluser]jairoh_[/eluser]
[quote author="TheFuzzy0ne" date="1364644961"]The built-in CSRF protection you're talking about only works when you enable CSRF protection in your config, and use form_open() in your views. As I suggested, you can add some logic in your configuration file, to disable it for specific URLs. I think that you're referring to XSS, which is not the same as CSRF.[/quote] i've this article http://www.web-and-development.com/5-rea...deigniter/ |
| Welcome Guest, Not a member yet? Register Sign In |
