cakephp XMLHttpRequest post request csrf problem

Asked Oct 25 '22 at 15:02

Active Oct 25 '22 at 19:51

Viewed 82 times

cakephp 4.4.6

I use vuejs as frontend, all works fine, but I have csrf problems to send XMLHttpRequest with post request. CsrfProtectionMiddleware is activated.

It works fine when post data are send from an html "form" (_csrfToken is in a hidden field).

But if post data are send from an axios request, cakephp backend cannot get the csrf token.

Here is the front code:

axios
            .post("/equipes/delete", {
                headers: {
                    "X-Requested-With": "XMLHttpRequest",
                    'X-CSRF-Token': this.csrftoken,
                },
                params: {
                    // csrfToken: this.csrftoken,
                    // _csrfToken: this.csrftoken,
                    id: id,
                },
            })
            .then((response) => {
                
            })
            .catch((e) => {
                console.log(this.$options.name + ": method confirmationDelete : error");
            });

The parameters send to the cakephp backend:

And the error returned :

Any ideas ? Thanks

edited Oct 25 '22 at 19:51

asked Oct 25 '22 at 15:02

dype

1

**https://stackoverflow.com/questions/44617825/passing-headers-with-axios-post-request** – ndm Oct 26 '22 at 11:13
Thanks @ndm, it works fine (axios post parameters were not correct) – dype Oct 27 '22 at 19:42

cakephp XMLHttpRequest post request csrf problem

0 Answers0