-
Notifications
You must be signed in to change notification settings - Fork 90
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
403 access forbidden by csrfprotector! #158
Comments
When you look at the request details (request headers or form data) are you seeing a CSRF token? |
Hi,
When I loaded the page and inspect it, I can saw a script in the header
session as follows but seems I can't see the token.
<script>
function addCsrfHeader(xhr) {
xhr.setRequestHeader('X-CSRF-Token', '".$_SESSION['csrf_token']."');
}
$.ajaxSetup({
beforeSend: addCsrfHeader
});
</script>
Cassady Campos ***@***.***> 於 2023年7月28日 週五 下午11:24寫道:
… When you look at the request details (request headers or form data) are
you seeing a CSRF token?
When you debug the request on the web server do you see a CSRF token in
the $_REQUEST or $_POST variables?
—
Reply to this email directly, view it on GitHub
<#158 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BBL2M3LNQIE3XM6BDWRRGJLXSPKTPANCNFSM6AAAAAA2PTDTFI>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
hi.` I have a form but it returns "403 access forbidden by csrfprotector!" whenever I submitted the form. I read the discussion and tries each of them but it doesn't work. Any clue?
The text was updated successfully, but these errors were encountered: