CSRF token difference

Yii 2.0 General Discussions
1

I am learning YII2 in advanced template.

In backend I am using ExtJS framework. For all posts and ajax request i write so that:




<script>


function token() {

    return '<?php echo Yii::$app->request->csrfToken ?>';

}


</script>

and this token() function I am using parametres Ajax requests.

Problem is when the frontend page updated, CSRF - token updated together. And backend gives an error 400. How can I do token() - work in frontend and backend. Not update everytime.

2

There’s no other way except updating it every time. That’s what CSRF protection was made for.