Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming csrf_protection bug. Cant make it work
csrf_protection bug. Cant make it work
  • El Forum
    Guest
  •  
#1
07-27-2012, 08:57 AM

[eluser]rei[/eluser]
I'm having this error message for all browsers except FireFox.

An Error Was Encountered
The action you have requested is not allowed.

Please help me solve this problem. thanks Smile

  • El Forum
    Guest
  •  
  • El Forum
    Guest
  •  
#3
07-29-2012, 04:09 PM

[eluser]rei[/eluser]
Thanks for the links Smile But unfortunately still no luck. the problem still exists :/ I really need to use that csrf_protection.
  • El Forum
    Guest
  •  
#4
07-30-2012, 01:03 AM

[eluser]InsiteFX[/eluser]

Eric Barnes - CodeIgniter CSRF Protection With Ajax
  • El Forum
    Guest
  •  
#5
07-30-2012, 06:10 AM

[eluser]rei[/eluser]
Thanks for the link sir. It maybe helpful for me when I will implement ajax in the site that I'm building with csrf_protection. Nwei back to topic, It is not the solution for my current problem. But thanks for your help Smile
  • El Forum
    Guest
  •  
#6
07-30-2012, 10:15 AM

[eluser]CroNiX[/eluser]
I don't think anyone will be able to really answer your question with the little information you have provided, which is probably why people are just posting links. It's too generic and you show no code. It's a bit like saying "my car is making a noise when I am driving. What's the problem?"
  • El Forum
    Guest
  •  
#7
07-30-2012, 03:44 PM

[eluser]rei[/eluser]
Sorry sir. Nwei back to the topic.. the csrf_token is present when I view the source:
Code:
<input type="hidden" name="csrf_test_name" value="a95b55ae4a2a751bbf13bce3769e0ff4" />
</div>

I'm using form_open() function so the csrf token is inserted automatically in my forms.

here is the config.php file:
Code:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;

But when I submit the form it shows me this error message:
An Error Was Encountered
The action you have requested is not allowed.

I’m having this error message for all browsers except FireFox ONLY IN MY LAPTOP if the site is online in a web host but when I'm in localhost there is no problem. When I test it on other laptops there is no problem even if the site is online in a web host. I also tested it on mobile and ipad and there is no problem. I'm wondering why I'm only having this problem in my laptop. I tried clearing the cache and even reformat my laptop but the problem still exists.

PS: I'm also having a session problem being lost after redirect only in my laptop but it also works fine when using firefox browser or when I'm in localhost.

Nwei Im using Windows 7 64 bit.

I tried it using linux mint OS in my laptop and I don't encounter any problem..


  • El Forum
    Guest
  •  
#8
07-30-2012, 03:47 PM

[eluser]CroNiX[/eluser]
Try removing all underscores from any cookie names, including your regular sessions.
  • El Forum
    Guest
  •  
#9
07-30-2012, 03:52 PM

[eluser]rei[/eluser]
I removed the underscores but it didn't solved the problem.

Code:
$config['csrf_token_name'] = 'csrftestname';
$config['csrf_cookie_name'] = 'csrfcookiename';
  • El Forum
    Guest
  •  
#10
07-30-2012, 03:55 PM

[eluser]CroNiX[/eluser]
What are the rest of your cookie settings...path, domain, etc.




Theme © iAndrew 2016 - Forum software by © MyBB