-
vimkaf
Junior Member
-
Posts: 20
Threads: 8
Joined: Jan 2022
Reputation:
0
03-18-2022, 01:00 PM
(This post was last modified: 03-18-2022, 01:01 PM by vimkaf.)
I am working on an API and i want to exempt some routes from CSRF check whenever i use the except property on a singe URI like this
PHP Code: public $globals = [
'before' => [
'csrf' => ['except' => 'api/*'],
],
'after' => [
'toolbar',
// 'honeypot',
],
];
Everything works fine but if I make the except have multiple URIs like this
PHP Code: public $globals = [
'before' => [
'csrf' => [
['except' => ['api/*', 'hook/*']]
]
],
'after' => [
'toolbar',
// 'honeypot',
],
];
I get an error " Can't find a route for 'api/buy/data' " from my postman response as shown below
Code: {
"title": "CodeIgniter\\Exceptions\\PageNotFoundException",
"type": "CodeIgniter\\Exceptions\\PageNotFoundException",
"code": 404,
"message": "Can't find a route for 'api/buy/data'.",
"file": "C:\\laragon\\www\\payproject\\vendor\\codeigniter4\\framework\\system\\CodeIgniter.php",
"line": 885,
"trace": [
{
"file": "C:\\laragon\\www\\payproject\\vendor\\codeigniter4\\framework\\system\\CodeIgniter.php",
"line": 885,
"function": "forPageNotFound",
"class": "CodeIgniter\\Exceptions\\PageNotFoundException",
"type": "::",
"args": [
"Can't find a route for 'api/buy/data'."
]
},
{
"file": "C:\\laragon\\www\\payproject\\vendor\\codeigniter4\\framework\\system\\CodeIgniter.php",
"line": 340,
"function": "display404errors",
"class": "CodeIgniter\\CodeIgniter",
"type": "->",
"args": [
{}
]
},
{
"file": "C:\\laragon\\www\\payproject\\public\\index.php",
"line": 37,
"function": "run",
"class": "CodeIgniter\\CodeIgniter",
"type": "->",
"args": []
}
]
}
My CI Version is 4.1.9
My PHP Version is 7.4.3
What I have tried?
1. I have tried downgrading CI to 4.1.8, it didn't have any effect.
2. Changed PHP to v8.1 - No effect still
3. Slept and woke up  no changes
4. Restarted Apache, Postman,  .
I have no idea what's causing this behaviour. Please help this poor sob.
-
renietomx
Newbie
-
Posts: 1
Threads: 0
Joined: May 2022
Reputation:
0
05-14-2022, 07:22 AM
(This post was last modified: 05-16-2022, 04:44 AM by renietomx.)
(03-18-2022, 01:00 PM)vimkaf Wrote: I am working on an API and i want to exempt some routes from CSRF check whenever i use the except property on a singe URI like this
PHP Code: public $globals = [
'before' => [
'csrf' => ['except' => 'api/*'],
],
'after' => [
'toolbar',
// 'honeypot',
],
];
Everything works fine but if I make click here the except have multiple URIs like this
PHP Code: public $globals = [
'before' => [
'csrf' => [
['except' => ['api/*', 'hook/*']]
]
],
'after' => [
'toolbar',
// 'honeypot',
],
];
Code: {
"title": "CodeIgniter\\Exceptions\\PageNotFoundException",
"type": "CodeIgniter\\Exceptions\\PageNotFoundException",
"code": 404,
"message": "Can't find a route for 'api/buy/data'.",
"file": "C:\\laragon\\www\\payproject\\vendor\\codeigniter4\\framework\\system\\CodeIgniter.php",
"line": 885,
"trace": [
{
"file": "C:\\laragon\\www\\payproject\\vendor\\codeigniter4\\framework\\system\\CodeIgniter.php",
"line": 885,
"function": "forPageNotFound",
"class": "CodeIgniter\\Exceptions\\PageNotFoundException",
"type": "::",
"args": [
"Can't find a route for 'api/buy/data'."
]
},
{
"file": "C:\\laragon\\www\\payproject\\vendor\\codeigniter4\\framework\\system\\CodeIgniter.php",
"line": 340,
"function": "display404errors",
"class": "CodeIgniter\\CodeIgniter",
"type": "->",
"args": [
{}
]
},
{
"file": "C:\\laragon\\www\\payproject\\public\\index.php",
"line": 37,
"function": "run",
"class": "CodeIgniter\\CodeIgniter",
"type": "->",
"args": []
}
]
}
My CI Version is 4.1.9
My PHP Version is 7.4.3
What I have tried?
1. I have tried downgrading CI to 4.1.8, it didn't have any effect.
2. Changed PHP to v8.1 - No effect still
3. Slept and woke up no changes
4. Restarted Apache, Postman, .
I have no idea what's causing this behaviour. Please help this poor sob.
have you got the solution? I have tried the @ iRedds solution but still facing the issue 
|
CSRF Except not working on multiple URI Paths
