Welcome Guest, Not a member yet? Register   Sign In
Token Regeneration not worked

I am following the documentation https://www.codeigniter.com/user_guide/l...generation
I set the value to false
Then I open two tabs and make a request from one then from the second, and the second page writes a 403 error. And besides, it clogs the log with these messages, although this is not an error. On laravel, everything works right away and does not clog the log

What are the these messages?
and what do you mean by "clogs the log"?

(07-12-2023, 06:12 PM)kenjis Wrote: What are the these messages?
and what do you mean by "clogs the log"?

Big Grin

When you set CSRFT tokens to be regenerated every time a new request is made (with a token), and open multiple browser tabs of the same web app, only the active tab on which you sent the most recent request will receive the regenerated token, and there is no existing mechanism to pass on the most up-to-date (regenerated) token to the other tabs. The ability to have all the tabs the most recent token (that gets regenerated with every request) could maybe achieved some JavaScript wizardry, but I have seen no such practice anywhere by any developer or company, except some online banking web apps, which force you to work with a single pop-up window and not allowing any additional tabs or other windows.

Bottomline: It's not a popular practice for server-side rendered applications.

CodeIgniter Wizard (CRUD code generator for Mac) instantly scaffolds Bootstrap-based web applications with an administrative interface (admin templates include Bootstrap5)


Theme © iAndrew 2016 - Forum software by © MyBB