Note the upgraded forum! If you are experiencing issues logging in, you may need to reset your password which should send an email. If the email doesn't arrive, be sure to check your spam folder just in case.

Search Indexing and CSRF

edited June 2015 in Bug Reports

When trying to reindex a site using the Search Module within Fuel, nothing happens. If I edit and save a page, the related search index is created correctly.

In my config.php, if I set
$config['csrf_protection'] = FALSE;
I can reindex happily.

With it set to true, my Firebug console reports an error 500 - "The action you have requested is not allowed" - the classic missing CSRF problem.

It seems my other sites that have Search working also have CSRF switched off.

Is this to be expected?



  • edited 1:53AM
    A fix for that has just been pushed to allow indexing with CSRF protection turned on.
  • edited 1:53AM

    Thanks for that but unfortunately it didn't work for me. I think that's because I've customised the $config['csrf_token_name'] in config.php

    This edit to ./views/_admin/reindex.php uses the contents of $config['csrf_token_name'] and this works for me...
    var csrf = $('#<?php echo $this->config->item('csrf_token_name'); ?>').val(); var params = {pages: $('#pages').val(), <?php echo $this->config->item('csrf_token_name'); ?>: csrf };
  • edited 1:53AM
    Thanks for the fix. I've posted an update.
Sign In or Register to comment.