Bad Request (#400) on logout session

[monghuz]

Since 2 days ago , when I refreshed my yii2 project via composer I can't logout with yii2-auth.

All other function seams good, but when I try to logout I get the followin error: yii\web\HttpException:400

Here is the error stack from yii debugger:

exception 'yii\web\BadRequestHttpException' with message 'Unable to verify your data submission.' in C:\xampp-portable\htdocs\yii2\vendor\yiisoft\yii2\web\Controller.php:109
Stack trace:
#0 C:\xampp-portable\htdocs\yii2\vendor\yiisoft\yii2\base\Controller.php(146): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))
#1 C:\xampp-portable\htdocs\yii2\vendor\yiisoft\yii2\base\Module.php(429): yii\base\Controller->runAction('logout', Array)
#2 C:\xampp-portable\htdocs\yii2\vendor\yiisoft\yii2\web\Application.php(82): yii\base\Module->runAction('auth/default/lo...', Array)
#3 C:\xampp-portable\htdocs\yii2\vendor\yiisoft\yii2\base\Application.php(367): yii\web\Application->handleRequest(Object(yii\web\Request))
#4 C:\xampp-portable\htdocs\yii2\web\index.php(12): yii\base\Application->run()
#5 {main}

I tried to find the root of this error without success. :(

[cansozeri]

I have changed logout link type from post to get and the error gone away in my project : ) Maybe it will help you ..

[monghuz]

Thank you cansorezi! It seems with get method it's working, but I don't see the benefit of the get method over the post.

[monghuz]

The root of this issue was a change in the core of yii2 https://github.com/yiisoft/yii2/blob/master/framework/UPGRADE.md Please update your main layout file by adding this line in the section: <?= Html::csrfMetaTags() ?>. This change is needed because yii\web\View no longer automatically generates CSRF meta tags due to issue #3358

[cansozeri]

Yes, I have found it today and want to write here but you did it first : ))