csrf-protection

codeigniter CSRF error: “The action you have requested is not allowed.”

心不动则不痛 提交于 2019-11-26 22:58:08
i enabled the csrf_protection option in the codeigniter's config file, and used form_open() function to creat my forms. but when i submit the form, this error occurs: The action you have requested is not allowed. i have done the answers like this topic (taht is most related to my question): question but they didn't work and The problem still remains. config.php <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /* |-------------------------------------------------------------------------- | Base Site URL |-----------------------------------------------------------------

angular4 httpclient csrf does not send x-xsrf-token

隐身守侯 提交于 2019-11-26 16:00:04
问题 In angular documentation, it is mentioned that the angular httpclient will automatically send the value of cookie XSRF-TOKEN in the header X-XSRF-TOKEN of post request. Documentation link But it does not send the header for me. Here is my code Nodejs code to set the cookie router.get('/set-csrf',function(req,res,next){ res.setHeader('Set-Cookie', "XSRF-TOKEN=abc;Path=/; HttpOnly; SameSite=Strict"); res.send(); }) I have used the httpclient in app.module.ts imports: [ HttpClientModule ] ** The

Laravel 5.6 - Passport JWT httponly cookie SPA authentication for self consuming API?

99封情书 提交于 2019-11-26 10:30:45
NOTE: I had 4 bounties on this question, but non of the upvoted answers below are the answer needed for this question. Everything needed is in Update 3 below, just looking for Laravel code to implement. UPDATE 3: This flow chart is exactly the flow I am trying to accomplish, everything below is the original question with some older updates. This flow chart sums up everything needed. The green parts in the flow chart below are the parts that I know how to do. The red parts along with their side notes is what I am looking for help accomplishing using Laravel code. I have done a lot of research

CSRF Token necessary when using Stateless(= Sessionless) Authentication?

为君一笑 提交于 2019-11-26 10:05:21
问题 Is it necessary to use CSRF Protection when the application relies on stateless authentication (using something like HMAC)? Example: We\'ve got a single page app (otherwise we have to append the token on each link: <a href=\"...?token=xyz\">...</a> . The user authenticates himself using POST /auth . On successful authentication the server will return some token. The token will be stored via JavaScript in some variable inside the single page app. This token will be used to access restricted

How to send csrf_token() inside AngularJS form using Laravel API?

末鹿安然 提交于 2019-11-26 09:08:18
问题 I am trying to build an angular + laravel rest application. I can get the views of my database. When I try to add new items. I get 500 error telling me mismatch csrf token. My form layout is : <form class=\"form-horizontal\" ng-submit=\"addItem()\"> <input type=\"text\" ng-model=\"itemEntry\" placeholder=\"Type and hit Enter to add item\"> </form> This is how I try to add item to database : $scope.addItem = function(CSRF_TOKEN) { $http.post(\'/shop\', { text: $scope.itemEntry, csrf_token:

codeigniter CSRF error: “The action you have requested is not allowed.”

本秂侑毒 提交于 2019-11-26 08:29:11
问题 i enabled the csrf_protection option in the codeigniter\'s config file, and used form_open() function to creat my forms. but when i submit the form, this error occurs: The action you have requested is not allowed. i have done the answers like this topic (taht is most related to my question): question but they didn\'t work and The problem still remains. config.php <?php if ( ! defined(\'BASEPATH\')) exit(\'No direct script access allowed\'); /* |------------------------------------------------

Laravel 5.6 - Passport JWT httponly cookie SPA authentication for self consuming API?

冷暖自知 提交于 2019-11-26 02:09:01
问题 NOTE: I had 4 bounties on this question, but non of the upvoted answers below are the answer needed for this question. Everything needed is in Update 3 below, just looking for Laravel code to implement. UPDATE 3: This flow chart is exactly the flow I am trying to accomplish, everything below is the original question with some older updates. This flow chart sums up everything needed. The green parts in the flow chart below are the parts that I know how to do. The red parts along with their
订阅 csrf-protection