Facing a Forbidden issue |
Seeing the code involved will allow people to offer the best advice.
Read the documentation on Cross-site request forgery (CSRF) carefully. That should make clear the need for a hidden csrf <input> field in your forms when using PHP Code: $config['csrf_protection'] = TRUE; It's important to understand the with this setting... PHP Code: $config['csrf_regenerate'] = TRUE; The CSRF hash value will change with every POST request to the server. (Only POST, not GET) If your AJAX is a POST then you need to update the hidden CSRF <input> with the new hash value otherwise the next POST will produce the 403 error. One way do the update is have the AJAX response return the new hash and use JavaScript to update the hidden <input>. Again, show us your code for advice related to your situation. |
Messages In This Thread |
Facing a Forbidden issue - by jyoti sudyal - 02-22-2018, 12:09 AM
RE: Facing a Forbidden issue - by InsiteFX - 02-22-2018, 05:20 AM
RE: Facing a Forbidden issue - by jyoti sudyal - 02-22-2018, 05:50 AM
RE: Facing a Forbidden issue - by dave friend - 02-22-2018, 08:39 AM
RE: Facing a Forbidden issue - by jyoti sudyal - 02-22-2018, 10:29 PM
RE: Facing a Forbidden issue - by dave friend - 02-23-2018, 08:54 AM
RE: Facing a Forbidden issue - by jyoti sudyal - 02-25-2018, 10:14 PM
|