# |
Dec 26th 2019, 12:06 |
ndm |
@kailas Look, I'm not _that_ old yet, when I was in what you'd call "high school", we already had 28k super high speed modems :) |
# |
Dec 26th 2019, 03:25 |
challgren |
@ndm you are the man! ->onlyMethods() works |
# |
Dec 26th 2019, 01:53 |
ashesh.social |
is there is any possibility to add Log in middleware files ? |
# |
Dec 26th 2019, 01:06 |
challgren |
I'll have to try that, ah no worries man, I hear you man I hear yah |
# |
Dec 26th 2019, 01:04 |
ndm |
Also I'm a little drunk over here, it was a rough day, Christmas is really stressful when you're old :grimacing: |
# |
Dec 26th 2019, 01:02 |
ndm |
If a mocked mailer would normally work, then try the `onlyMethods()` option, that should be fine... I wasn't really getting the full picture initially, hence I recommended the transport |
# |
Dec 26th 2019, 01:01 |
challgren |
Hmmm ok yeah I'm going to need to do more research. |
# |
Dec 26th 2019, 00:59 |
ndm |
If that's in your `aboutUs()` method, then certainly that's the problem, pretty sure that will override the mock transport |
# |
Dec 26th 2019, 00:58 |
challgren |
@ndm I wonder if because I'm calling setProfile([transport => mailgun]) in the mailer function |
# |
Dec 26th 2019, 00:54 |
ashesh.social |
Thanks for the support @ndm @challgren Will check it :+1::skin-tone-3: |
# |
Dec 26th 2019, 00:53 |
ndm |
or maybe a little cleaner like ```$check = [ 'plugin' => 'MyPlugin', 'prefix' => 'Api', 'controller' => 'TeamsController', 'action' => 'payment_status', // ... ]; if (array_intersect_assoc($check, $request->getParams()) === $check) { // ... }``` |
# |
Dec 26th 2019, 00:53 |
challgren |
$this->request->getParam('controller') |
# |
Dec 26th 2019, 00:53 |
ndm |
like `andand $request->getParam('controller') === 'TeamsController' andand $request->getParam('action') === 'payment_status' andand ...` |
# |
Dec 26th 2019, 00:51 |
ashesh.social |
How can I whitelist that method |
# |
Dec 26th 2019, 00:51 |
ashesh.social |
Say I’m having a controller called “TeamsController” and “payment_status” is a method inside that controller |
# |
Dec 26th 2019, 00:50 |
ashesh.social |
Sorry couldn’t get it |
# |
Dec 26th 2019, 00:47 |
ndm |
Compare the `controller` and `action` params too, also `plugin` if you need to |
# |
Dec 26th 2019, 00:45 |
ashesh.social |
How to add particular function in a controller to the above code @challgren @ndm |
# |
Dec 26th 2019, 00:45 |
ashesh.social |
$csrf->whitelistCallback(function ($request) { // Skip token check for API URLs. if ($request->getParam('prefix') === 'Api') { return true; } |
# |
Dec 26th 2019, 00:37 |
ndm |
but still, a mock transport should work... somehow |
# |
Dec 26th 2019, 00:37 |
ndm |
@challgren The initial error surely is because of the static config trait... but if you don't need all that methods mocked, you could just specify the ones you need, like `->onlyMethods(['send'])` |
# |
Dec 26th 2019, 00:36 |
slackebot |
<challgren> |
# |
Dec 26th 2019, 00:36 |
challgren |
https://book.cakephp.org/4/en/controllers/middleware.html#cross-site-request-forgery-csrf-middleware |
# |
Dec 26th 2019, 00:35 |
ashesh.social |
@challgren 4 |
# |
Dec 26th 2019, 00:35 |
challgren |
@ashesh.social 4 or 3? |
# |
Dec 26th 2019, 00:34 |
ashesh.social |
@challgren tried whitelisting with many resources from google. Not working out. |
# |
Dec 26th 2019, 00:34 |
challgren |
The initial error, the transport I think in debug/phpunit mode its overwritten |
# |
Dec 26th 2019, 00:33 |
ndm |
Yeah, but transports don't have static methods, so that should work fine... or are you referring to the initial error mocking the mailer? |
# |
Dec 26th 2019, 00:32 |
challgren |
Because you cant mock static methods |
# |
Dec 26th 2019, 00:32 |
ndm |
Not sure how that would interfere, but everything's possible :) |
# |
Dec 26th 2019, 00:31 |
challgren |
I'm probably just going to have to make a errorable transport or mailer |
# |
Dec 26th 2019, 00:30 |
challgren |
@ndm I believe all my issues are because of the staticconfigtrait |
# |
Dec 26th 2019, 00:29 |
challgren |
Your probably going to have to whitelist that action from the gateway |
# |
Dec 26th 2019, 00:29 |
ndm |
If you can't pass over the token to the gateway and have it return it accordingly when it posts to your API (not sure if that really makes much sense in the first place though, given that I'd expect that endpoint to only accept one way or another "signed" requests), then you'll probably have to disable CSRF for that specific endpoint. |
# |
Dec 26th 2019, 00:11 |
ashesh.social |
“Missing CSRF token body ...” this is the error |
# |
Dec 26th 2019, 00:10 |
ashesh.social |
But facing issue in the redirect URL of my payment gateway return POST to my method |
# |
Dec 26th 2019, 00:10 |
ashesh.social |
So the CSRF is working all around the application through ajax and also in form POST |
# |
Dec 25th 2019, 20:44 |
ashesh.social |
Thanks :raised_hands::skin-tone-3: |
# |
Dec 25th 2019, 18:30 |
ndm |
Means your form is missing the token, which should be added automatically when using the form helper. Check the generated HTML. |
# |
Dec 25th 2019, 18:24 |
ashesh.social |
In cakephp 4 |
# |
Dec 25th 2019, 18:24 |
ashesh.social |
But now it’s during form POST |