dungphanxuan
Reputation: 615
CSRF token doesn't work (yii2) with https
I test app on local is ok. I deploy to server with https domain. When i submit form then show 400 Error: Bad Request (#400): Unable to verify your data submission.
And have problem with Https, how can i fix it
Upvotes: 4
Views: 904
Answers (1)
Bizley
Reputation: 18021
Maybe you have got non-secure cookies blocked when sending over https. Try this in configuration:
return [
// ...
'components' => [
// ...
'request' => [
'class' => 'yii\web\Request',
'csrfCookie' => [
'httpOnly' => true,
'secure' => true,
],
],
],
];
Upvotes: 7
Related Questions
- Yii CSRF Token cannot be verified
- csrf validation in yii2 not working
- CSRF Tokens in Yii2 REST API with cookie stored tokens
- yii2 CSRF not validating host
- Yii 1.1.17: CSRF token validation fails with POST via Angular Controller
- CSRF token doesn't work (yii2)
- Can't find CSRF token as i try to send POST data thru a link in Yii
- Yii Ajax request CSRF can not be verified
- Csrf token isn't being created in subdomain
- Yii - Error 400 The CSRF token could not be verified