Missing or invalid CSRF cookie

Hi, on a fresh cake proj. I bake all bb_entities (my simple table) , then after adding a bb_entity I receive a “Missing or invalid CSRF cookie” error. Googled it but didn’t see if I still have to setup CSRF things on a fresh app b4 continuing.

I had created the cake project with composer this way:
php composer.phar create-project --prefer-dist cakephp/app:4.* htdocs_sites\EAS\BB\BB-App_Cur

How is this done and how do I need to understand it ?

Update: … hm when I went back to the Bb Entities index and added a Bb Entity again, it started working fine. So this effect may have been from the session or cache from the previous cake CMS-Tutorial project still in the browser ?

if you used the same domain for the CMS Tutorial as well as for your new project and didn’t close your browser while you developed your new project then this is possible because by default the CSRF Token is a session cookie.

Session cookies usually get deleted when you close the browser but this is more of a “recommendation” for browsers. It could be that some browser handle that differently.

So next time either try using another domain or remove all cookies after you switch projects which share the same domain.

1 Like