Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support CSRF with external forms
CSRF with external forms
  • Offline 68thorby68
    Member
  • ***
  • Posts: 114
    Threads: 48
    Joined: Apr 2020
    Reputation: 1
#1
10-07-2023, 03:40 AM

Hi,
I have implemented CSRF on my site and all is working as expected hwn making AJAX posts to my controller(s). 
However, it appears that external communication with Stripe fails (it was working before implementing CSRF).
Would I need to include the Stripe URL's (or something else) in the Excpet array in Filters?
Many thanks.
Reply
  • Offline sammyskills
    Member
  • ***
  • Posts: 116
    Threads: 2
    Joined: Nov 2020
    Reputation: 7
#2
10-07-2023, 05:18 AM

You will need to exclude the URL(s) that stripe sends (a) POST request(s) to in your application.
Reply
  • Offline donpwinston
    Web Developer
  • ****
  • Posts: 262
    Threads: 58
    Joined: Jan 2016
    Reputation: 7
#3
10-08-2023, 05:59 AM

(10-07-2023, 03:40 AM)68thorby68 Wrote: Hi,
I have implemented CSRF on my site and all is working as expected hwn making AJAX posts to my controller(s). 
However, it appears that external communication with Stripe fails (it was working before implementing CSRF).
Would I need to include the Stripe URL's (or something else) in the Excpet array in Filters?
Many thanks.

In Config/Filters.php yo need to do something like this:

PHP Code:
  'csrf' => ['except' => ['receive-pdf''receive_pdf']],

You have to essentially not use csrf for this url/post or implement it yourself somehow in your app and the app making the request
Simpler is always better
Reply




Theme © iAndrew 2016 - Forum software by © MyBB