Bad Request (#400)

[timmy78]

Hi

There is a problem with the csrf token (Bad Request (#400)), so I added the csrf token :

'options' => [
    'url' => Url::to(['dropzone']),
    'headers' => [
        Yii::$app->getRequest()->csrfParam => Yii::$app->getRequest()->csrfToken
    ]
],

But it still not working. What is the solution ? Waiting your answer I added public $enableCsrfValidation = false; in the Controller

Thank you

[robertklein]

a) Use it directly in the widget call:

'options' => [
    'url' => Url::to(['dropzone']),
    'headers' => [
        \yii\web\Request::CSRF_HEADER => \Yii::$app->getRequest()->getCsrfToken(),
    ]
],

or

b) add the following lines into the init method of Dropzone class:

if(\Yii::$app->getRequest()->enableCsrfValidation){
    $this->options['headers'][\yii\web\Request::CSRF_HEADER] = \Yii::$app->getRequest()->getCsrfToken();
    $this->options['params'][\Yii::$app->getRequest()->csrfParam] = \Yii::$app->getRequest()->getCsrfToken();
}

or

c) see my patch, I faced the same issue: https://github.com/robertklein/yii2-dropzone

or

d) or wait until perminder-klair will merge it in this one.

[perminder-klair]

Hello @timmy78 ,

Just merged pull requested https://github.com/perminder-klair/yii2-dropzone/commit/36de5a44fc89d9674bc6247a157ef785b291ec10

Should be fine now, thank you @robertklein !

[timmy78]

Works fine, thank you for the update ! :+1: