search

tbreuss / pingcrm-yii2

Ping CRM on Yii 2 - A Yii 2 demo application to illustrate how Inertia.js works.
https://pingcrm-yii2.tebe.ch
BSD 3-Clause "New" or "Revised" License
54 stars 15 forks source link

Enable CSRF Validation #1

Closed tbreuss closed 4 years ago

tbreuss commented 4 years ago

Inertia depends on Axios which is refering to the cookie XSRF-TOKEN and the header X-XSRF-TOKEN.

Yii2 is handling CSRF validation different which leads to "Bad Request (#400): Unable to verify your data submission" issues.

supersexy commented 4 years ago

Is there any solution for this important issue?

tbreuss commented 4 years ago

This demo project is using https://github.com/tbreuss/yii2-inertia under the hood. This is the Yii2 adapter for https://github.com/inertiajs/inertia. So, this issue should be fixed with https://github.com/tbreuss/yii2-inertia/commit/02a6d5e15c1084dbf5d81048ae49ce833518b62c

I will do an update the next days.

tbreuss commented 4 years ago

Fixed with c4a2dfaaf60f33b10dbf500ea11ea6942b32ecf8