Reputation: 31
I am using CI 2. I have enabled CSRF protection in the config file:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'sitename';
$config['csrf_cookie_name'] = 'sitename';
$config['csrf_expire'] = 7200;
I am using CodeIgniter forms only. Sometimes I get the error “you are not authorized to perform this action” while submitting forms or logging in.
If I refresh and try again then everything works fine. Why is this happening?
Upvotes: 3
Views: 2875
Reputation: 37701
You can make a JS confirm box triggering upon the cookie expiring time, asking the user to extend his session. I think that's the most elegant solution you can get if you want to keep using the CSRF.
Upvotes: 3
Reputation: 20475
Well, this happens because your CSRF token expires; it's the proper process. Increase the CSRF token expiry time from 7200 seconds to something more relevant to your needs (7200 / 60 / 60 = 2 hours).
Read up a bit more on what CSRF does for you here:
http://en.wikipedia.org/wiki/Cross-site_request_forgery
Upvotes: 1
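The expiry behaviour both answers describe, as an added example that is not part of the original posts and not CodeIgniter's own code: a simplified model of a cookie-backed CSRF check, plus the timing for the "extend your session" prompt suggested in the first answer. It assumes the token lives in a cookie lasting `csrf_expire` seconds and must match the hidden form field; all function names and token values are hypothetical.

```javascript
// Simplified model of a cookie-backed CSRF check. Assumption: the token is
// stored in a cookie that lives CSRF_EXPIRE seconds and must equal the hidden
// form field on POST. Names are hypothetical; times are in seconds.
const CSRF_EXPIRE = 7200; // csrf_expire value from the question's config

// Server renders a form at time `now`: sets the cookie and embeds the token.
function renderForm(now, token) {
  return {
    cookie: { value: token, expiresAt: now + CSRF_EXPIRE },
    hiddenField: token,
  };
}

// A browser stops sending a cookie once it has expired.
function cookieSentAt(cookie, now) {
  return now < cookie.expiresAt ? cookie.value : null;
}

// Server-side check on POST: cookie and field must both be present and equal.
function verifyPost(page, now) {
  const cookieValue = cookieSentAt(page.cookie, now);
  if (cookieValue === null) return "rejected: csrf cookie expired";
  if (cookieValue !== page.hiddenField) return "rejected: token mismatch";
  return "accepted";
}

// Delay (ms after page load) at which to show the prompt, `leadSeconds`
// before the cookie expires.
function warnDelayMs(leadSeconds) {
  return Math.max(0, (CSRF_EXPIRE - leadSeconds) * 1000);
}

// Constructed scenario: one form submitted quickly, the same form submitted
// after sitting open past the expiry, and a freshly reloaded form.
function demo() {
  const page = renderForm(0, "constructed-token-1");
  return {
    quick: verifyPost(page, 600),
    stale: verifyPost(page, 7300),
    refreshed: verifyPost(renderForm(7300, "constructed-token-2"), 7310),
    warnAfterMs: warnDelayMs(300),
  };
}

console.log(demo());
```

In a page, the value from `warnDelayMs(300)` would be passed to `setTimeout` so the prompt appears five minutes before the cookie expires.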