• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
CSRF Token Didn't Match

#1
Sad 
I need help, i activating csrf protection, but i have test with create a form search, always get these error "The action you have requested is not allowed." every the second submit, and i after check csrf token in html code did not match with have entered the browser.

<input type="hidden" name="'.$this->security->get_csrf_token_name().'" value="'.$this->security->get_csrf_hash().'">

I using CodeIgniter v3.1.9


Attached Files Thumbnail(s)
       
Reply

#2
Are you submitting it with AJAX?

Then you need to return a new key from the server and update the html form after submitting. There are some threads here about that. But personally I have disabled CSRF re-generation. So I keep the same CSRF-key for the user.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.