Create _Token.fields _Token.unlocked and _Topken.debug


#1

On ajax request with middleware security (CSRF) I would like to set an JSON object with this fields:

_Token[fields] = hash(fields)
_Token[unlocked] = null;
_Token[debug] = ???;

My question is how to create _Token[fields] and _Token[debug] ? Because I have no form but only a json object when sending data. I have the header with the csrfToken hash!

Thanks a lot for any hint.

Michael


#2

For ajax json requests you should disable the security component for the target action. Those hashes are built based on a form that is created with the form helper (To prevent form tampering). It doesn’t really work, and isn’t really applicable to ajax/json requests.


#3

thanks a lot. Thats true!


#4

these fields come from security Components , not CSRF