Welcome Guest, Not a member yet? Register   Sign In
CSRF Token Didn't Match
#1
Sad 
(This post was last modified: 11-24-2018, 03:00 PM by andhika.)

I need help, i activating csrf protection, but i have test with create a form search, always get these error "The action you have requested is not allowed." every the second submit, and i after check csrf token in html code did not match with have entered the browser.

<input type="hidden" name="'.$this->security->get_csrf_token_name().'" value="'.$this->security->get_csrf_hash().'">

I using CodeIgniter v3.1.9

Attached Files Thumbnail(s)
       
Reply
#2

Are you submitting it with AJAX?

Then you need to return a new key from the server and update the html form after submitting. There are some threads here about that. But personally I have disabled CSRF re-generation. So I keep the same CSRF-key for the user.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB