CakePHP ajax post returns 400 Bad Request

I am trying to use ajax post for action. GET requests work fine, but when I try to execute POST, I see “400 Bad Request” in firebug, and the view returns a Black hole response.

Here is the jQuery query:

    $.ajax({
        url: "/usermgmt/users/editUser",
        type: "POST",
        success: function(data) {
            alert('Wow this actually worked');
            //ko.applyBindings(self);
        },
        error: function() {
            alert('This will never work');
        }
    });

Is this because of Cake security settings, or what am I not seeing here?

+5
4 answers

Protection against unauthorized access to forms is one of the main functions provided by the security component. As long as it is enabled, it will treat all POSTs as submitting a form.

HTML- HTML Security, JQuery. , , $this->Security->validatePost = false; $this->Security->csrfCheck = false;, , .

, CakePHP Form Helper , ajax. , data[_Token][fields] data[_Token][unlocked] :

<?php 
    echo $this->Form->create('Test',array('id'=>'testform'));
    echo $this->Form->input('Something');
    echo $this->Form->submit();
    echo $this->Form->end();
?> 

- :

<form action="/your/url" id="testform" method="post" accept-charset="utf-8">
    <div style="display:none;">
        <input type="hidden" name="_method" value="POST"/>
        <input type="hidden" name="data[_Token][key]" value="9704aa0281d8b5a2fcf628e9fe6f6c8410d8f07a" id="Token937294161"/>
    </div>
    <div class="input text">
        <input name="data[Test][Something]" class="required" type="text" id="TestSomething"/>
    </div>
    <div class="submit">
        <input  type="submit" />
    </div>
    <div style="display:none;">
        <input type="hidden" name="data[_Token][fields]" value="0c81fda1883cf8f8b8ab39eb15d355eabcfee7a9%3A" id="TokenFields817327064"/>
        <input type="hidden" name="data[_Token][unlocked]" value="" id="TokenUnlocked281911782"/>
    </div>
</form>   

JQuery, ajax POST:

    $('#testform').submit(function(event) {
        $.ajax({
            type: 'POST',
            url: "/your/url",
            data: $('#testform').serialize(),
            success: function(data){ 
                alert('Wow this actually worked');
            },
            error:function() {
                alert('This will never work');
            }
        });
        event.preventDefault(); // Stops form being submitted in traditional way
    });

, , POST .

: , , , POST . , , :

public $components = array(
    'Security' => array(
        'csrfUseOnce' => false
    )
);

... . , csrfExpires, . CSRF .

+18
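The point of the answer above, as an added example that is not part of the original answers: a check of which `data[_Token]` fields a POST body carries, comparing a serialized form with the bare POST from the question. The function names are hypothetical and the token values are constructed placeholders; the field names are the ones in the rendered form above.

```javascript
// Added example (not from the original answers). Field names are taken from
// the rendered form above; token values are constructed placeholders.
const REQUIRED_TOKEN_FIELDS = [
  'data[_Token][key]',      // CSRF token
  'data[_Token][fields]',   // hash covering the form's field list
  'data[_Token][unlocked]', // may be empty, but is still sent
];

// Encode name/value pairs as application/x-www-form-urlencoded
// (encodeURIComponent, then spaces as '+'), as a form serializer does.
function serializeFields(fields) {
  const enc = (s) => encodeURIComponent(s).replace(/%20/g, '+');
  return fields.map(([name, value]) => enc(name) + '=' + enc(value)).join('&');
}

// Return the token fields that a urlencoded POST body does not carry.
function missingTokenFields(body) {
  const present = new Set(new URLSearchParams(body).keys());
  return REQUIRED_TOKEN_FIELDS.filter((name) => !present.has(name));
}

// Constructed sample: the fields of the rendered #testform.
const formFields = [
  ['_method', 'POST'],
  ['data[_Token][key]', 'PLACEHOLDER_CSRF_KEY'],
  ['data[Test][Something]', 'hello world'],
  ['data[_Token][fields]', 'PLACEHOLDER_FIELDS_HASH:'],
  ['data[_Token][unlocked]', ''],
];

const bodies = {
  serializedForm: serializeFields(formFields), // what serializing the form sends
  bareQuestionPost: '',                        // the question's $.ajax call: no data
  handBuiltData: serializeFields([['data[Test][Something]', 'hello world']]),
};

for (const [label, body] of Object.entries(bodies)) {
  const missing = missingTokenFields(body);
  console.log(label + ': ' +
    (missing.length ? 'missing ' + missing.join(', ') : 'all token fields present'));
}
```

Running the same check against the request body shown in the browser's network panel tells you whether a rejected POST left out the token fields.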

FYI CakePHP 2.3 unlockedActions , beforeFilter AppController.

$this->Security->unlockedActions = array('ajaxAction');

: http://book.cakephp.org/2.0/en/core-libraries/components/security-component.html#disabling-security-component-for-specific-actions

+2

Make sure you put the editUser function in:

    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('editUser');
    }

inside UserController,

Hi

0

Joseph lacked one detail for me. My form and ajax call were in index.ctp and called /controller/edit.ctp, so my $this->Form->create call required "action" => '/controller/edit' added to it.

0