smith adolf

Reputation: 11

CSRF not working properly in codeigniter

I am using CodeIgniter 3.0.6. I am currently working on a one-page website that has a search functionality. I have enabled the csrf_protection option in CodeIgniter's config file and used the form_open() function to create the form.

When I press the submit button, the search functionality works well, but when I refresh the page after submitting the form (by any means of refreshing the page, i.e. from the keyboard or the browser's refresh button), CSRF doesn't work and displays the error "The action you have requested is not allowed.".

Note: I am using the POST method to submit the form and have set csrf_regenerate to true.

Upvotes: 1

Views: 2110

Answers (1)

DFriend

Reputation: 8964

The problem is with $config['csrf_regenerate'] = TRUE; set it to FALSE instead.

When TRUE, every time you POST to the server the CSRF token changes value. The page must be fully reloaded in order for it to receive the new token. A back button won't fully reload the page, but the browser's refresh/reload button should.

Upvotes: 1
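
A model of the token rotation described in the answer, added here as an example that is not part of the original post and is not CodeIgniter's own code. It assumes that refreshing the result of a POST re-sends the original form body, old hidden token included; `CsrfModel` and `submitThenRefresh` are hypothetical names, and the code needs PHP 8.

```php
<?php
// Simplified model of a double-submit CSRF check (cookie token vs. POSTed token).
// Class and method names are hypothetical; this is not CodeIgniter's Security class.
final class CsrfModel
{
    private string $cookieToken;

    public function __construct(private bool $regenerate)
    {
        $this->cookieToken = bin2hex(random_bytes(16));
    }

    // Token the server embeds in the hidden form field when rendering a page.
    public function tokenForForm(): string
    {
        return $this->cookieToken;
    }

    // Verify a POST; rotate the token afterwards when regeneration is on.
    public function handlePost(string $postedToken): bool
    {
        if (!hash_equals($this->cookieToken, $postedToken)) {
            return false; // CodeIgniter answers "The action you have requested is not allowed."
        }
        if ($this->regenerate) {
            $this->cookieToken = bin2hex(random_bytes(16));
        }
        return true;
    }
}

// Replays the browser sequence: load form, submit, then refresh the result page.
function submitThenRefresh(bool $regenerate): array
{
    $server = new CsrfModel($regenerate);
    $hiddenField = $server->tokenForForm();        // GET: form rendered with token
    $first = $server->handlePost($hiddenField);    // POST: user presses submit
    $refresh = $server->handlePost($hiddenField);  // refresh re-sends the same POST body
    return ['submit' => $first, 'refresh' => $refresh];
}

foreach ([true, false] as $regenerate) {
    $r = submitThenRefresh($regenerate);
    printf(
        "csrf_regenerate=%s submit=%s refresh=%s\n",
        $regenerate ? 'TRUE' : 'FALSE',
        $r['submit'] ? 'accepted' : 'rejected',
        $r['refresh'] ? 'accepted' : 'rejected'
    );
}
```

With regeneration off, the same token stays valid until the CSRF cookie expires (`csrf_expire` in the config), so a replayed form body keeps being accepted for that whole window.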
