XF 2.2 Disable CSRF protection for single URL?

[mjda]

I'm using a web hook that will POST to a page on my site. Unfortunately, I can't set the CSRF on the hook keeps getting rejected by XF. Is there a way I can disable the CSRF protection on this particular URL only, but still have it active on the rest of the site?

 

[iNnOceNtbOy]

Bump

 

[mattrogowski]

In the controller:

public function checkCsrfIfNeeded($action, ParameterBag $params)
{
    if ($action == 'ActionName') {
        return false;
    }

    return parent::checkCsrfIfNeeded($action, $params);
}

Swap out ActionName for the name of the action.

 

[iNnOceNtbOy]

In the controller:

public function checkCsrfIfNeeded($action, ParameterBag $params)
{
    if ($action == 'ActionName') {
        return false;
    }

    return parent::checkCsrfIfNeeded($action, $params);
}

Swap out ActionName for the name of the action.

Hi, Thanks for such quick reply, But I already tried this solution, But response is still same. Invalid Token. I'm working for file manager for admin panel. Is there any other requirement for admin panel csrf ?

 

[mattrogowski]

If it doesn't work then you must be doing something wrong, the same function is used in the admin controllers if you search the codebase. You're likely not checking the correct action name.

 

[iNnOceNtbOy]

If it doesn't work then you must be doing something wrong, the same function is used in the admin controllers if you search the codebase. You're likely not checking the correct action name.

Ah my Bad, that was script error. This feature worked actually. Thanks