Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support filter except not working
filter except not working
#1
09-07-2023, 06:23 AM

Hi, am facing issue with except csrf filter in filters

Code:
public array $globals = [
        'before' => [
            'honeypot',
            'csrf' =>
            ['except' =>
                [
                    'administrator/school/registration/remove',
                ],
            ],
            'invalidchars',
        ],
        'after' => [
            'toolbar',
            'honeypot',
            'secureheaders',
        ],
    ];
Reply
  • Offline sammyskills
    Member
  • ***
  • Posts: 116
    Threads: 2
    Joined: Nov 2020
    Reputation: 7
#2
09-07-2023, 08:08 AM

What exactly is the issue you are facing?

Maybe you need to take a look at the docs again.
Reply
#3
09-07-2023, 08:59 AM

we want to just white listed some uri in filters with csrf
Reply
  • Offline sammyskills
    Member
  • ***
  • Posts: 116
    Threads: 2
    Joined: Nov 2020
    Reputation: 7
#4
09-07-2023, 09:14 AM

Type this in your terminal and paste the result here:

Code:
php spark filter:check post administrator/school/registration/remove
Reply
#5
09-07-2023, 09:21 AM
(This post was last modified: 09-07-2023, 09:44 AM by hinditutorpoint. Edit Reason: add some detail )

+--------+------------------------------------------+------------------------------------------------+-------------------------------------+
| Method | Route | Before Filters | After Filters |
+--------+------------------------------------------+------------------------------------------------+-------------------------------------+
| POST | administrator/school/registration/remove | ajax honeypot invalidchars csrf throttle admin | ajax honeypot secureheaders toolbar |
+--------+------------------------------------------+------------------------------------------------+-------------------------------------+
response this csrf error
The action you requested is not allowed.
ci : 4.3.5 uri white listed working perfect but ci:4.4.0 not working
Reply
  • Offline sammyskills
    Member
  • ***
  • Posts: 116
    Threads: 2
    Joined: Nov 2020
    Reputation: 7
#6
09-07-2023, 01:09 PM

(09-07-2023, 09:21 AM)hinditutorpoint Wrote: +--------+------------------------------------------+------------------------------------------------+-------------------------------------+
| Method | Route                                    | Before Filters                                | After Filters                      |
+--------+------------------------------------------+------------------------------------------------+-------------------------------------+
| POST  | administrator/school/registration/remove | ajax honeypot invalidchars csrf throttle admin | ajax honeypot secureheaders toolbar |
+--------+------------------------------------------+------------------------------------------------+-------------------------------------+
response this csrf error
The action you requested is not allowed.
ci : 4.3.5 uri white listed working perfect but ci:4.4.0 not working

This simply means that CSRF filter is being applied to the url. 

Can you show the complete code for your filter file app/Config/Filters.php ?
Reply




Theme © iAndrew 2016 - Forum software by © MyBB