Ajax CSRF 403 forbidden codeigniter
From the docs:
Tokens may be either regenerated on every submission (default) or kept the same throughout the life of the CSRF cookie. The default regeneration of tokens provides stricter security, but may result in usability concerns as other tokens become invalid (back/forward navigation, multiple tabs/windows, asynchronous actions, etc). You may alter this behavior by editing the following config parameter
$config['csrf_regenerate'] = TRUE;
Set that to FALSE.
ur controller should be like this function reply(){ $insert = $this->Message_model->send_message2(); $csrf = $this->security->get_csrf_hash();if($this->input->is_ajax_request()){ header("Content-type: application/json; charset=utf-8");echo json_encode(array("data" => $insert,'csrf'=> $csrf)); }ur jquery should be this wayvar token = data.csrf;$.ajax({ url: '/next/ajax/request/url', type: 'POST', data: { new_data: 'new data to send via post', csrf_token:token }, cache: false, success: function(data, textStatus, jqXHR) { // Get new csrf token for next ajax post var new_csrf_token = data.csrf //Do something with data returned from post request }, error: function(jqXHR, textStatus, errorThrown) { // Handle errors here console.log('ERRORS: ' + textStatus + ' - ' + errorThrown ); }});