Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support csrf regenrate in ajax post
csrf regenrate in ajax post
  • Offline cilux
    Junior Member
  • **
  • Posts: 12
    Threads: 8
    Joined: Mar 2020
    Reputation: 0
#1
05-15-2020, 01:27 PM

I have this code for post data using ajax:

Code:
        $("selector").select2({
            minimumInputLength: 3,
            theme: 'bootstrap4',
            width: 'auto',
            ajax: {
                url: "<?= route_to('autocomplete'); ?>",
                type: "post",
                dataType: 'json',
                delay: 250,
                data: function(params) {
                    return {
                        searchTerm: params.term,
                        csrf_token: csrf_token // token get from js var
                    };
                },
                processResults: function(response) {
                    return {
                        results: response
                    };
                },
                cache: true
            }
        });

if I enable token regenerate, my code work only for first post data.

I not found best practice for fix csrf token regenerate in multiple ajax post. any one can help!?
Reply
  • Offline seunex
    Codeigniter Rocker
  • ***
  • Posts: 123
    Threads: 29
    Joined: Jun 2019
    Reputation: 2
#2
05-15-2020, 07:57 PM

Why not the filter to tell card to ignore the actual controller and do some checking in the controller by checking if the actual post I ajax request
Reply
  • Offline cilux
    Junior Member
  • **
  • Posts: 12
    Threads: 8
    Joined: Mar 2020
    Reputation: 0
#3
05-16-2020, 12:46 AM

Sorry but whats your mean ?!
Reply
  • Offline InsiteFX
    Super Moderator
  • ******
  • Posts: 6,817
    Threads: 351
    Joined: Oct 2014
    Reputation: 251
#4
05-16-2020, 03:14 AM

Read this.

Codeigniter CSRF valid for only one time ajax request

For CI 3 but should work in CI 4.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
  • Offline cilux
    Junior Member
  • **
  • Posts: 12
    Threads: 8
    Joined: Mar 2020
    Reputation: 0
#5
05-16-2020, 05:28 AM
(This post was last modified: 05-16-2020, 05:30 AM by cilux.)

(05-16-2020, 03:14 AM)InsiteFX Wrote: Read this.

Codeigniter CSRF valid for only one time ajax request

For CI 3 but should work in CI 4.

I read it before, this is not clear way for add token in each ajax json response controller. i think codeigniter need to laravel solution like this
Reply
  • Offline InsiteFX
    Super Moderator
  • ******
  • Posts: 6,817
    Threads: 351
    Joined: Oct 2014
    Reputation: 251
#6
05-16-2020, 07:54 AM

Maybe something like this, not tested.

Code:
$(function($) {

    // this script needs to be loaded on every page where an ajax POST may happen

    $.ajaxSetup({
        data: {
            // you would need to load the Security Lib in the Controller.
            '<?php echo $security->getCSRFTokenName(); ?>' :
            '<?php echo $security>getCSRFHhash();?>'
        }
    });

    // now write your ajax script

});

Not sure if the view would see the security lib from the controller.

I'll play around with this later on.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply




Theme © iAndrew 2016 - Forum software by © MyBB