Home > PHP Framework > YII > How to remove csrf in yii framework

How to remove csrf in yii framework

藏色散人
Release: 2020-07-18 17:18:11
Original
2963 people have browsed it

Yii framework method to remove csrf: 1. Turn off csrf through the "init" method; 2. Add a hidden field to the form; 3. Add the "_csrf" field to AJAX.

How to remove csrf in yii framework

YII How to turn off csrf

The first solution is to turn off Csrf

public function init(){
    $this->enableCsrfValidation = false;
}
Copy after login

The second solution is to add a hidden field to the form

<input name="_csrf" type="hidden" id="_csrf" value="<?= Yii::$app->request->csrfToken ?>">
Copy after login

The third solution is to add the _csrf field to AJAX

var csrfToken = $(&#39;meta[name="csrf-token"]&#39;).attr("content");
$.ajax({
  type: &#39;POST&#39;,
  url: url,
  data: {_csrf:csrfToken},
  success: success,
  dataType: dataType
});
Copy after login

Note: If your page does not have a form, There is no problem with ajax post submission. Using ajax post submission will automatically generate _csrf

If the page has a form, especially a file, ajax post is not possible and you must use get.

Recommended: "yii tutorial"

The above is the detailed content of How to remove csrf in yii framework. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template