Yii2 - Bad Request (#400) Unable to verify your data submission
I'm using the advanced template and ran into this issue. After much head banging I noticed the _csrf meta tag used in yii's baked in forms was named "_csrf-frontend" (on the frontend of course). Also the request cookie was named the same.
Provided the header in your layout is registering the meta tag
<?php $this->registerCsrfMetaTags() ?>
Submit _csrf with the same name as the meta tag in your ajax. Yii provides helper for this also
<?=Yii::$app->request->csrfParam?>
Quick example:
var postData = {
someparam : somevalue,
'<?=Yii::$app->request->csrfParam?>': '<?=Yii::$app->request->getCsrfToken()?>'
}
$.ajax({
type: 'post',
data: postData,
url: dataURL,
})
Helpful info here: https://yii2-cookbook-test.readthedocs.io/csrf/
There are two ways you can try. First increase post_max_size size in php.ini. Second run composer update and clear cookie as follow: - composer self-update - composer update - clear cookie
Use this :
public function beforeAction($action)
{
$this->enableCsrfValidation = false;
return parent::beforeAction($action);
}
Do not disable CSRF
You can use below configuration in your main config file to globally disable csrf validation in whole application.
$config = [
'components' => [
'request' => [
'enableCsrfValidation' => false,
],
],
];