Bad Request (#400) submiting a form on regular response

tbreuss / yii2-inertia

The Yii 2 server-side adapter for Inertia.js.

MIT License

62 stars 9 forks source link

Bad Request (#400) submiting a form on regular response #6

Open nye opened 1 year ago

nye commented 1 year ago

In a controller action if I return a regular respone, regular view with a form, when I submit this form I get a Bad Request (#400) error. I guess this is related to CSRF??

What I'm trying to do is that I don't want to use Inertia in all controllers/actions but use it only in some cases. So I would like to use regular views and forms as usually and be able to "enhance" som controllers using Svelte with Inertia. Is this possible or am I missing something?

ing-edgar commented 11 months ago

 'components' => [
        'inertia' => [
            'class' => Inertia::class,
        ],
        'request' => [
            'class' => 'tebe\inertia\web\Request',
            'cookieValidationKey' => '<cookie_validation_key>',
            'enableCsrfValidation' => true,
            'enableCsrfCookie' => true,
            'parsers' => [
                'application/json' => 'yii\web\JsonParser',
            ]
        ],

Please remember to insert these lines into the appropriate configuration file (either config/web.php or advanced app backend/config/main.php), and replace <cookie_validation_key> with the correct cookie validation key.

nye commented 11 months ago

Yes, and this is when I get the error:

'enableCsrfValidation' => true,
'enableCsrfCookie' => true,

If I set these to false, I get no error, but of course, I'm not using CSFR protection.

What I want is to keep using CSFR, becouse in my app there will be a lot of regular actions (without Inertia) and also some actions with Inertia.