cakephp-rest
cakephp-rest copied to clipboard
sprintcube
CSRF Token mismatch
Hi,
Firstly, thanks for your work !
I installed your plugin, I am working with CakePHP 3.7.
The problem is that I can't acceed to my page to add an user for example. The error message is :
CSRF token mismatch. Cake\Http\Exception\InvalidCsrfTokenException
Documentation API
If you want to customize this error message, create src/Template/Error/error400.ctp
toggle vendor stack frames
⟩ Cake\Http\Middleware\CsrfProtectionMiddleware->_validateToken CORE/src/Http/Middleware/CsrfProtectionMiddleware.php, line 120
I understand that the problem is about the CSRF, I tried to resolved with a lot of solution but nothing to do, I don't understand why.
I tried to change the route, to remove :
// $routes->applyMiddleware('csrf');
All solutions to disable the CSRF on this page what I found on internet (Google) don't work.
When I access to the page for the view without send POST, the page works.
Thank you by advance.
I found the problem, the routes page was in the cache and doesn't actualize.
I removed it from the cache and I modified it like this :
if (substr($_SERVER['REQUEST_URI'], 0, 5) != '/api/') {
$routes->applyMiddleware('csrf');
}
Without this line :
// $routes->connect('/api/add', ['controller' => 'Api', 'action' => 'add', 'isRest' => true]);
The API already working, it's not forced to have it ?
Thanks