Bad Request #400 Error On Logout ?

djtech · June 28, 2014, 4:02pm

I suddenly noticed that I am getting a Bad Request (#400) Error on logout and a couple of other actions, which were working ok.

The exception returned is as follows:




exception 'yii\web\BadRequestHttpException' with message 'Unable to verify your data submission.' 

in /htdocs/advanced/vendor/yiisoft/yii2/web/Controller.php:109 

Stack trace: 

#0 /htdocs/advanced/vendor/yiisoft/yii2/base/Controller.php(146): yii\web\Controller->beforeAction(Object(yii\base\InlineAction)) 

#1 /htdocs/advanced/vendor/yiisoft/yii2/base/Module.php(460): yii\base\Controller->runAction('logout', Array) 

#2 /htdocs/advanced/vendor/yiisoft/yii2/web/Application.php(82): yii\base\Module->runAction('site/logout', Array) 

#3 /htdocs/advanced/vendor/yiisoft/yii2/base/Application.php(368): yii\web\Application->handleRequest(Object(yii\web\Request)) 

#4 /htdocs/advanced/frontend/web/index.php(17): yii\base\Application->run() 

#5 {main}

My SiteController logout action is as follows:




    public function actionLogout()

    {        

        Yii::$app->user->logout();

        return $this->goHome();

    }

What else can I check to find the cause of the problem?

Is there a config setting somewhere I need to check?

CeBe · June 28, 2014, 4:22pm

See UPGRADE instructions:

github.com

yiisoft/yii2/blob/master/framework/UPGRADE.md#upgrade-from-yii-20-beta

Upgrading Instructions for Yii Framework 2.0
============================================

This file contains the upgrade notes for Yii 2.0. These notes highlight changes that
could break your application when you upgrade Yii from one version to another.
Even though we try to ensure backwards compabitilty (BC) as much as possible, sometimes
it is not possible or very complicated to avoid it and still create a good solution to
a problem. You may also want to check out the [versioning policy](https://github.com/yiisoft/yii2/blob/master/docs/internals/versions.md)
for further details.

Upgrading in general is as simple as updating your dependency in your composer.json and
running `composer update`. In a big application however there may be more things to consider,
which are explained in the following.

> Note: This document assumes you have composer [installed globally](http://www.yiiframework.com/doc-2.0/guide-start-installation.html#installing-composer)
so that you can run the `composer` command. If you have a `composer.phar` file inside of your project you need to
replace `composer` with `php composer.phar` in the following.

> Tip: Upgrading dependencies of a complex software project always comes at the risk of breaking something, so make sure
you have a backup (you should be doing this anyway ;) ).

This file has been truncated. show original

djtech · June 28, 2014, 5:27pm

Thank you! This resolved my problem, which was apparently caused after running a composer update. By the way, do you know if this is a permanent solution? Just curious, as Yii2 is getting closer and closer to a stable release.

CeBe · June 28, 2014, 5:41pm

Yes, this change is quite permanent, you always have to include CSRF tokens in layout manually. This is of course already included in the applciation templates.

sawa · October 2, 2015, 9:07am

Hi guys!

I use CSRF to yii version 2.0.4, and PHP version 5.4.45, but for some reason I have this problem has disappeared.

Another such error go

Showing {begin, number} - {end, number} of {totalCount, number} {totalCount, plural, one {item} other {items}}.

on the local server (Open Server) everything works fine