• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
csrf_protection bug. Cant make it work

I'm having this error message for all browsers except FireFox.

An Error Was Encountered
The action you have requested is not allowed.

Please help me solve this problem. thanks Smile

Check out these links:

Thanks for the links Smile But unfortunately still no luck. the problem still exists :/ I really need to use that csrf_protection.


Eric Barnes - CodeIgniter CSRF Protection With Ajax

Thanks for the link sir. It maybe helpful for me when I will implement ajax in the site that I'm building with csrf_protection. Nwei back to topic, It is not the solution for my current problem. But thanks for your help Smile

I don't think anyone will be able to really answer your question with the little information you have provided, which is probably why people are just posting links. It's too generic and you show no code. It's a bit like saying "my car is making a noise when I am driving. What's the problem?"

Sorry sir. Nwei back to the topic.. the csrf_token is present when I view the source:
<input type="hidden" name="csrf_test_name" value="a95b55ae4a2a751bbf13bce3769e0ff4" />

I'm using form_open() function so the csrf token is inserted automatically in my forms.

here is the config.php file:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;

But when I submit the form it shows me this error message:
An Error Was Encountered
The action you have requested is not allowed.

I’m having this error message for all browsers except FireFox ONLY IN MY LAPTOP if the site is online in a web host but when I'm in localhost there is no problem. When I test it on other laptops there is no problem even if the site is online in a web host. I also tested it on mobile and ipad and there is no problem. I'm wondering why I'm only having this problem in my laptop. I tried clearing the cache and even reformat my laptop but the problem still exists.

PS: I'm also having a session problem being lost after redirect only in my laptop but it also works fine when using firefox browser or when I'm in localhost.

Nwei Im using Windows 7 64 bit.

I tried it using linux mint OS in my laptop and I don't encounter any problem..

Try removing all underscores from any cookie names, including your regular sessions.

I removed the underscores but it didn't solved the problem.

$config['csrf_token_name'] = 'csrftestname';
$config['csrf_cookie_name'] = 'csrfcookiename';

What are the rest of your cookie settings...path, domain, etc.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.