0

I try to call action from another controller via jquery using ajax. jquery:

$('.sorting-action').on('click', function (event) {
  event.preventDefault();
  var elem = $(this);
  var root_path = $(this).data('root_path');
  postData = {folder_path: root_path};
  link = location.origin+"/emails-sorting/sorting-files";

  $.ajax({
    type: 'post',
    data: postData,
    url: link,
  });
});

action in another controller:

class EmailsSortingController extends AppController
{

public function sortingFiles()
{
    if($this->request->is(['ajax', 'post'])) {
        //Get and check root folder path
        $request_data = $this->request->getData();
        $path = urldecode($request_data['folder_path']);
        $folder_path = $this->emailsFolderBuilder($path);
        if (!empty($folder_path)) {
            //Checking structure of emails folder. There should be 3 folders  country-language, country, language
            $checking_result = $this->folderStructureCheker($folder_path);
            if ($checking_result) {
                $duplicate_list = $this->recordsSorting($folder_path);
            } else {
                $this->Flash->error('Folder structure is incorrect....!!!');
            }
        } else {
            $this->Flash->error('Emails folder does not exist....!');
        }
    }
}

and always get this error: POST http://parser/emails-sorting/sorting-files 403 (Forbidden)

halfelf
  • 9,737
  • 13
  • 54
  • 63
Sergey Georgiev
  • 11
  • 1
  • 1
    take a look to [403 error code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403): This status is similar to 401, but in this case, re-authenticating will make no difference. The access is permanently forbidden and tied to the application logic, such as insufficient rights to a resource. – gaetanoM May 14 '20 at 14:48
  • 1
    you mean add this part in controller public function initialize() { parent::initialize(); $this->Auth->allow(['sortingFiles']); } – Sergey Georgiev May 14 '20 at 14:56
  • Also i found another error : CSRF token mismatch. – Sergey Georgiev May 14 '20 at 15:13
  • 1
    see [CSRF token mismatch](https://stackoverflow.com/questions/51916680/csrf-token-mismatch-in-post-request-in-3-6-version) – gaetanoM May 14 '20 at 15:25

0 Answers0