| Almost got AJAX requests playing nicely with CSRF... almost. |
[eluser]itsdanieloconnor[/eluser]
Hey Everyone, I feel like I've tried everything.. I'm following the guide on this site to get AJAX working with the new csrf protection in 2.0. Code: $('.remove').click(function() {When I click one of the remove links, Firbug shows that it's still giving me a 500 error. Here's what it says the post info is: Code: csrf_cookie_name c9cacc5fe882920fd8a8cf53690d9ed2All of that looks good. Where am I going wrong? Thanks! Dan
[eluser]Eric Barnes[/eluser]
I believe your cookie is wrong. csrf_token_name: $.cookie("csrf_cookie_name") http://ericlbarnes.com/blog/post/codeign..._with_ajax
[eluser]itsdanieloconnor[/eluser]
[quote author="Eric Barnes" date="1303462897"]I believe your cookie is wrong. csrf_token_name: $.cookie("csrf_cookie_name") http://ericlbarnes.com/blog/post/codeign..._with_ajax[/quote] Thanks for the reply! When I use that, I end up getting null for csrf_token_name. Firebug says that the cookie is being stored as ci_csrf_token. EDIT: I'm using 2.0.2 EDIT 2: I got it working by using the following: Code: 'ci_csrf_token': $.cookie("ci_csrf_token")Does anyone know why that is? I thought ci_csrf_token is not used anymore?
[eluser]Unknown[/eluser]
The browser makes an AJAX request. In that request, a special header is set: X-Requested-With. This header is non-standard, but it’s used by many JavaScript libraries (i.e., jQuery, Prototype). On the server side, the server validates the request to make sure the header exists in the request. If it doesn’t, the request is rejected. If you’re using a library like jQuery, this is the only bit of code you have to implement. best electric fence |
| Welcome Guest, Not a member yet? Register Sign In |
MENU
EXTRA MENU
ABOUT US
CodeIgniter is a powerful PHP framework with a very small footprint, built for developers who need a simple and elegant toolkit to create full-featured web applications.
