I have a form in my application, and I need to add csrf_protection = TRUE in my config.php for security reasons. But after adding this, my form cannot submit and shows me an error like this:

An Error Was Encountered
The action you have requested is not allowed.

Can anyone tell me how to fix this?

Below is the CSRF code in my config.php:

```php
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array();
```
Vishal Panara
    Is the CSRF token in your form? If you use CI's `form_open()` it automatically adds it. Otherwise, you can manually add it with ``. [See here.](http://www.codeigniter.com/userguide3/libraries/security.html#cross-site-request-forgery-csrf) – ourmandave Feb 16 '17 at 15:10

1 Answer

If you turn on CSRF, then make sure that you use the `form_open` function to open the form tag; otherwise you will see the error which you're getting.

Here are related links to this information:

- https://www.codeigniter.com/user_guide/libraries/security.html
- Codeigniter CSRF - how does it work
- CodeIgniter use CSRF protection only in some pages

Community
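
What the comment and the answer describe, as an added example (not code from the original posts or from CodeIgniter itself): a CodeIgniter 3 controller and view in which the form carries the CSRF token either through `form_open()` or through a manually added hidden field. The `Contact` controller, the `contact_form` view and the `email` field are hypothetical names; the two files are shown in one block.

```php
<?php
// application/controllers/Contact.php (hypothetical controller name)
defined('BASEPATH') OR exit('No direct script access allowed');

class Contact extends CI_Controller
{
    public function index()
    {
        // 'form' provides form_open()/form_close(); 'url' provides site_url()
        $this->load->helper(array('form', 'url'));
        $this->load->view('contact_form');
    }

    public function submit()
    {
        // Reached only when the posted token matched the CSRF cookie.
        // On a mismatch CodeIgniter stops earlier with
        // "The action you have requested is not allowed."
        echo 'Received: ' . html_escape($this->input->post('email'));
    }
}
?>

<!-- application/views/contact_form.php (hypothetical view name) -->

<!-- Option 1: form_open() writes the hidden csrf_test_name field for you -->
<?php echo form_open('contact/submit'); ?>
    <input type="email" name="email">
    <button type="submit">Send</button>
<?php echo form_close(); ?>

<!-- Option 2: hand-written <form>; the token field must be added manually -->
<form method="post" action="<?php echo site_url('contact/submit'); ?>">
    <input type="hidden"
           name="<?php echo $this->security->get_csrf_token_name(); ?>"
           value="<?php echo $this->security->get_csrf_hash(); ?>">
    <input type="email" name="email">
    <button type="submit">Send</button>
</form>
```

With `$config['csrf_regenerate'] = TRUE`, as in the question, the token changes after every accepted POST, so a page that submits more than once (for example via AJAX) has to pick up the new value before its next request.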