Yii CSRF Validation is showing 400 Error

Question

I have enabled CSRF in main.php

'request' => array(
    'enableCsrfValidation' => true,      
)

After enabling CSRF, all the links in my app are showing 400 (Bad Request). I have tried searching for the fix and did not find any. Am i missing anything? I am using YII 1.16

fix formatting, add tag – Tomasz Jakub Rup Dec 03 '15 at 07:53 — Tomasz Jakub Rup, Dec 03 '15 at 07:53

score 0 · Answer 1 · answered Dec 01 '15 at 14:08

0

Do you have a session started? The Yii-CSRF-Token is stored in the session

400 is the default error thrown by Yii if the token is invalid.

If you want to check more closely look at CHttpRequest.php -> validateCsrfToken

answered Dec 01 '15 at 14:08

LaSchmu

11
2

I was able to fix it myself. In ValidateCsrfToken function, i added one exit() after $valid = false; I am not sure if it is correct way – Hema Chandra Dec 01 '15 at 15:53

Yii CSRF Validation is showing 400 Error

1 Answers1