HTTP 400 Unable to verify your data submission.

spidee · May 20, 2016, 1:20pm

Hi there,

My Yii 2 application was progressing well until I received an unusual error about a bad HTTP request. The error is:

I have looked it up and much of the literature indicates the cause being due to a CSRF issue. However my CSRF stuff all looks ok and I would prefer to have feature in the application. Also when I switch it off it appears that redirects $this->back() , $this->goHome() have stopped working.

In order to try and identify the source of the problem, I have installed a fresh copy of yii using the following command :

composer create-project yiisoft/yii2-app-advanced advanced 2.0.8

and then tried to login to the newly generated website (without any of my own code added). The error is still there and I am receiving the HTTP 400 error.

The version of composer I am using is :

Composer version 1.1.1 2016-05-17 12:25:44

And the composer.json file is below. Would anyone mind trying this in their own environment to determine if this issue is a general one or specific to my environment. I am not sure how to trace back the cause of the error as the logs are not reporting anything about it. Thanks for any help you can offer.

composer.json:

{

&quot;name&quot;: &quot;yiisoft/yii2-app-advanced&quot;,


&quot;description&quot;: &quot;Yii 2 Advanced Project Template&quot;,


&quot;keywords&quot;: [&quot;yii2&quot;, &quot;framework&quot;, &quot;advanced&quot;, &quot;project template&quot;],


&quot;homepage&quot;: &quot;http://www.yiiframework.com/&quot;,


&quot;type&quot;: &quot;project&quot;,


&quot;license&quot;: &quot;BSD-3-Clause&quot;,


&quot;support&quot;: {


    &quot;issues&quot;: &quot;https://github.com/yiisoft/yii2/issues?state=open&quot;,


    &quot;forum&quot;: &quot;http://www.yiiframework.com/forum/&quot;,


    &quot;wiki&quot;: &quot;http://www.yiiframework.com/wiki/&quot;,


    &quot;irc&quot;: &quot;irc://irc.freenode.net/yii&quot;,


    &quot;source&quot;: &quot;https://github.com/yiisoft/yii2&quot;


},


&quot;minimum-stability&quot;: &quot;stable&quot;,


&quot;require&quot;: {


    &quot;php&quot;: &quot;&gt;=5.4.0&quot;,


    &quot;yiisoft/yii2&quot;: &quot;&gt;=2.0.6&quot;,


    &quot;yiisoft/yii2-bootstrap&quot;: &quot;*&quot;,


    &quot;yiisoft/yii2-swiftmailer&quot;: &quot;*&quot;


},


&quot;require-dev&quot;: {


    &quot;yiisoft/yii2-codeception&quot;: &quot;*&quot;,


    &quot;yiisoft/yii2-debug&quot;: &quot;*&quot;,


    &quot;yiisoft/yii2-gii&quot;: &quot;*&quot;,


    &quot;yiisoft/yii2-faker&quot;: &quot;*&quot;


},


&quot;config&quot;: {


    &quot;process-timeout&quot;: 1800


},


&quot;extra&quot;: {


    &quot;asset-installer-paths&quot;: {


        &quot;npm-asset-library&quot;: &quot;vendor/npm&quot;,


        &quot;bower-asset-library&quot;: &quot;vendor/bower&quot;


    }


},


&quot;scripts&quot;: {


    &quot;post-install-cmd&quot;: &quot;php init --env=Development --overwrite=n&quot;


}

}

arojohnson · May 24, 2016, 7:58am

Have you checked with your request and response headers for CSRF Token?