Cakephp 3.6 ajax 403 forbidden

When I post and attach a file, I get back error 403

I have read that it is a problem that the session expires when the answer is sent by ajax. In app.php I have:

'Session' => [
    'defaults' => 'php',
],

So that shouldn’t be the problem. I have also tried disabling the Csrf component, but it doesn’t work either:

public function beforeFilter(Event $event) {
    $this->eventManager()->off($this->Csrf);
}

I don’t know what to prove anymore.

Considering you’re sending it by using ajax, maybe just add the csrf token?

$.ajax({
  // ... ajax stuff
  headers: {
    'X-CSRF-Token': '<?= h($this->request->getParam('_csrfToken')); ?>'
  },
  // ... more ajax stuff
});

Yes, in Controller:

public function initialize() {
  parent::initialize();      
  $this->loadComponent('Csrf');     
}

In the Layout/default.ctp:

<script>
var csrfToken = <?= json_encode($this->request->getParam('_csrfToken')) ?>;
</script>

In the jquery.js:

$.ajax({
	// ...
	headers: { 'X-CSRF-Token': csrfToken },
	// ...
});

Inspecting in Firefox:

[screenshot: csrf]

Return:

403 Forbidden

If that’s the case, I think the issue lies somewhere else (eg. your webserver config).
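
To tell a CSRF rejection apart from a 403 that comes from somewhere else, the double-submit comparison can be replayed over a request copied from the browser's network inspector. This is an added example, not code from the thread or from CakePHP; it is a simplified model, and the cookie name `csrfToken` and form field `_csrfToken` are assumed to be the component's defaults.

```javascript
// Simplified model of a double-submit CSRF check (added example, not CakePHP code).
// Assumed names: cookie "csrfToken", form field "_csrfToken"; header as in the thread.
const COOKIE_NAME = 'csrfToken';
const HEADER_NAME = 'x-csrf-token';
const FIELD_NAME = '_csrfToken';

// Parse a raw Cookie request header into a name -> value map.
function parseCookies(header) {
  const jar = {};
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) continue; // skip fragments without a value
    jar[part.slice(0, eq).trim()] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Return a verdict for one captured request: { method, headers, fields }.
function diagnoseCsrf(req) {
  const method = (req.method || 'GET').toUpperCase();
  if (['GET', 'HEAD', 'OPTIONS'].includes(method)) return 'not-checked';

  // Header names are case-insensitive, so normalise before lookup.
  const headers = {};
  for (const [k, v] of Object.entries(req.headers || {})) headers[k.toLowerCase()] = v;

  const cookie = parseCookies(headers['cookie'])[COOKIE_NAME];
  if (!cookie) return 'missing-cookie';      // browser never sent the token cookie
  const sent = headers[HEADER_NAME] || (req.fields || {})[FIELD_NAME];
  if (!sent) return 'missing-token';         // neither header nor form field present
  return sent === cookie ? 'ok' : 'mismatch';
}

// Constructed sample requests (token values are made up for illustration).
const SAMPLES = [
  { method: 'POST', headers: { Cookie: 'CAKEPHP=s1; csrfToken=ab12cd', 'X-CSRF-Token': 'ab12cd' } },
  { method: 'POST', headers: { Cookie: 'CAKEPHP=s1; csrfToken=ab12cd', 'X-CSRF-Token': 'ffff00' } },
  { method: 'POST', headers: { Cookie: 'CAKEPHP=s1', 'X-CSRF-Token': 'ab12cd' } },
  { method: 'POST', headers: { Cookie: 'csrfToken=ab12cd' }, fields: { _csrfToken: 'ab12cd' } },
  { method: 'POST', headers: { Cookie: 'csrfToken=ab12cd' } },
];

function runSamples() {
  return SAMPLES.map(diagnoseCsrf);
}

console.log(runSamples());
```

A verdict of `ok` on a request that still returns 403 means the token pair is consistent and the rejection has to be looked for in another layer.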
