Welcome Guest, Not a member yet? Register   Sign In
POST via Ajax returns 403 with CSRF enabled
#7

(04-06-2020, 03:16 PM)Gary Wrote: As far as I'm aware, contentType is a page header field.

I suspect when it arrives in your AJAX submission, it confuses things on the server side because it's not something that's expected.

I don't believe it's supposed to be included. data: is what is submitted to the server, and although there's two or three formats this data: can be, it is ultimately always converted to a query string before it is sent (so the server is only ever expecting this and not a programmer-spec'd contentType).


Yes, CI expects urlencoded, I would swear I did try x-www-form-urlencoded in one of my previous attempts... anyway, here it is the valid Ajax submission, it might help someone in the future:
Code:
const sendContactForm = (contactFormData) => {
    $.ajax({
        type: 'POST',
        url: apiUrl,
        data: contactFormData,
        contentType: 'application/x-www-form-urlencoded; charset=UTF-8',
        headers: {'X-Requested-With': 'XMLHttpRequest'},
        dataType: 'json',
        success: function(result){
            console.log(result);
        },
        error: function(result){
            console.log(result.responseJSON);
        }
    })
}


Thanks you!  Heart
Reply


Messages In This Thread
RE: POST via Ajax returns 403 with CSRF enabled - by marcvidalim - 04-08-2020, 02:23 AM



Theme © iAndrew 2016 - Forum software by © MyBB