L.Nelson
Reputation: 63
csrf validation in yii2 not working
I have enabled csrf validation as true in my controller.But after few minutes, while submitting the form,csrf token got expired and got bad request message,eventhough I am passing csrf token through ajax.Please provide me a solution to get over this issue.
Below is my sample code
Controller
public function beforeAction($action)
{
$this->enableCsrfValidation = true;
return parent::beforeAction($action);
}
JS page
var csrfToken = $('meta[name="csrf-token"]').attr("content");
Ajax call
var values = {
'id' : id,
'cpcode' : cpcode,
'_csrf' : csrfToken
};
$.ajax({
type : 'POST', //Method type
url : baseurl +'/site/test',
data : values,
dataType : 'json',
success : function(data)
{
}
}
);
main.php
<head> <?= Html::csrfMetaTags() ?></head>
Upvotes: 0
Views: 2827
Answers (2)
redflasher
Reputation: 717
Try add header like this:
$.ajax({
...
headers: {'X-CSRF-Token':"U05vc3J6YmVmPgAaFh8gAiMvPBQTETMrBjc8JRA4GywBBwMGAzA7Og=="},
...
}
Upvotes: 1
Bizley
Reputation: 18021
Shouldn't it be:
var values = {
'id': id,
'cpcode': cpcode,
yii.getCsrfParam(): yii.getCsrfToken()
};
Upvotes: 0
Related Questions
- Yii 2.0 CSRF validation for AJAX request
- HttpException:400 Unable to verify your data submission
- Unable to validate CSRF at controller in codeIgniter with ajax
- Yii CSRF Token cannot be verified
- How to handle CSRF Validation in Yii2 Framework?
- Yii2 ajax validation not work
- Yii 1.1.17: CSRF token validation fails with POST via Angular Controller
- CSRF issue when using AJAX submit via link in Yii2
- CSRF token doesn't work (yii2)
- Yii Ajax request CSRF can not be verified