dimanche 6 décembre 2020

laravel session refresh every request on iframe

I have two laravel apps. One is an admin panel and the other one is a site controlled by this admin panel.

When editing the site from the panel, the website is visible through an iFrame. Every change made in the admin panel is reflected on the iFrame. This communication is made using the postMessage API. The admin panel tells which action was performed and the site on iframe rebuilds itself through some ajax.

On production servers this works fine. My problem is on my development machine these ajax calls started failing due to csrf token mismatch. So far I noticed that opening the webiste through the iframe creates 2 sessions on the very first request. Refreshing the page/iframe creates another file, which replaces the current session.

The website is a Laravel 5.8 app.



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire