# |
Dec 26th 2019, 01:06 |
challgren |
I'll have to try that, ah no worries man, I hear you man I hear yah |
# |
Dec 26th 2019, 01:04 |
ndm |
Also I'm a little drunk over here, it was a rough day, Christmas is really stressful when you're old :grimacing: |
# |
Dec 26th 2019, 01:02 |
ndm |
If a mocked mailer would normally work, then try the `onlyMethods()` option, that should be fine... I wasn't really getting the full picture initially, hence I recommended the transport |
# |
Dec 26th 2019, 01:01 |
challgren |
Hmmm ok yeah I'm going to need to do more research. |
# |
Dec 26th 2019, 00:59 |
ndm |
If that's in your `aboutUs()` method, then certainly that's the problem, pretty sure that will override the mock transport |
# |
Dec 26th 2019, 00:58 |
challgren |
@ndm I wonder if because I'm calling setProfile([transport => mailgun]) in the mailer function |
# |
Dec 26th 2019, 00:54 |
ashesh.social |
Thanks for the support @ndm @challgren Will check it :+1::skin-tone-3: |
# |
Dec 26th 2019, 00:53 |
ndm |
or maybe a little cleaner like ```$check = [ 'plugin' => 'MyPlugin', 'prefix' => 'Api', 'controller' => 'TeamsController', 'action' => 'payment_status', // ... ]; if (array_intersect_assoc($check, $request->getParams()) === $check) { // ... }``` |
# |
Dec 26th 2019, 00:53 |
challgren |
$this->request->getParam('controller') |
# |
Dec 26th 2019, 00:53 |
ndm |
like `andand $request->getParam('controller') === 'TeamsController' andand $request->getParam('action') === 'payment_status' andand ...` |
# |
Dec 26th 2019, 00:51 |
ashesh.social |
How can I whitelist that method |
# |
Dec 26th 2019, 00:51 |
ashesh.social |
Say I’m having a controller called “TeamsController” and “payment_status” is a method inside that controller |
# |
Dec 26th 2019, 00:50 |
ashesh.social |
Sorry couldn’t get it |
# |
Dec 26th 2019, 00:47 |
ndm |
Compare the `controller` and `action` params too, also `plugin` if you need to |
# |
Dec 26th 2019, 00:45 |
ashesh.social |
How to add particular function in a controller to the above code @challgren @ndm |
# |
Dec 26th 2019, 00:45 |
ashesh.social |
$csrf->whitelistCallback(function ($request) { // Skip token check for API URLs. if ($request->getParam('prefix') === 'Api') { return true; } |
# |
Dec 26th 2019, 00:37 |
ndm |
but still, a mock transport should work... somehow |
# |
Dec 26th 2019, 00:37 |
ndm |
@challgren The initial error surely is because of the static config trait... but if you don't need all that methods mocked, you could just specify the ones you need, like `->onlyMethods(['send'])` |
# |
Dec 26th 2019, 00:36 |
slackebot |
<challgren> |
# |
Dec 26th 2019, 00:36 |
challgren |
https://book.cakephp.org/4/en/controllers/middleware.html#cross-site-request-forgery-csrf-middleware |
# |
Dec 26th 2019, 00:35 |
ashesh.social |
@challgren 4 |
# |
Dec 26th 2019, 00:35 |
challgren |
@ashesh.social 4 or 3? |
# |
Dec 26th 2019, 00:34 |
ashesh.social |
@challgren tried whitelisting with many resources from google. Not working out. |
# |
Dec 26th 2019, 00:34 |
challgren |
The initial error, the transport I think in debug/phpunit mode its overwritten |
# |
Dec 26th 2019, 00:33 |
ndm |
Yeah, but transports don't have static methods, so that should work fine... or are you referring to the initial error mocking the mailer? |
# |
Dec 26th 2019, 00:32 |
challgren |
Because you cant mock static methods |
# |
Dec 26th 2019, 00:32 |
ndm |
Not sure how that would interfere, but everything's possible :) |
# |
Dec 26th 2019, 00:31 |
challgren |
I'm probably just going to have to make a errorable transport or mailer |
# |
Dec 26th 2019, 00:30 |
challgren |
@ndm I believe all my issues are because of the staticconfigtrait |
# |
Dec 26th 2019, 00:29 |
challgren |
Your probably going to have to whitelist that action from the gateway |
# |
Dec 26th 2019, 00:29 |
ndm |
If you can't pass over the token to the gateway and have it return it accordingly when it posts to your API (not sure if that really makes much sense in the first place though, given that I'd expect that endpoint to only accept one way or another "signed" requests), then you'll probably have to disable CSRF for that specific endpoint. |
# |
Dec 26th 2019, 00:11 |
ashesh.social |
“Missing CSRF token body ...” this is the error |
# |
Dec 26th 2019, 00:10 |
ashesh.social |
But facing issue in the redirect URL of my payment gateway return POST to my method |
# |
Dec 26th 2019, 00:10 |
ashesh.social |
So the CSRF is working all around the application through ajax and also in form POST |
# |
Dec 25th 2019, 20:44 |
ashesh.social |
Thanks :raised_hands::skin-tone-3: |
# |
Dec 25th 2019, 18:30 |
ndm |
Means your form is missing the token, which should be added automatically when using the form helper. Check the generated HTML. |
# |
Dec 25th 2019, 18:24 |
ashesh.social |
In cakephp 4 |
# |
Dec 25th 2019, 18:24 |
ashesh.social |
But now it’s during form POST |
# |
Dec 25th 2019, 18:24 |
ashesh.social |
“Missing CSRF token body in /usr/local/myapp/vendor/cakephp/cakephp/src/Http/Middleware/CsrfProtectionMiddleware.php on line 234” |
# |
Dec 25th 2019, 18:04 |
ndm |
Oh well, maybe if there's something in your `contactUs()` method that overrides the transport |
# |
Dec 25th 2019, 18:03 |
ndm |
@challgren Sorry, had to have a chat with my neighbours about drill and sledgehammer powered home improvement work on christmas day's evening. I don't see anything inherently wrong with the code, if the mailers `deliver()` method is being reached, then I'd expect this to work. |