Commit 93d5f5a3 by Qiang Xue

Fixes #897.

parent df091b15
......@@ -93,6 +93,8 @@ class ErrorHandler extends Component
$response->getHeaders()->removeAll();
if ($useErrorView && $this->errorAction !== null) {
// disable CSRF validation so that errorAction can run in case the error is caused by CSRF validation failure
Yii::$app->getRequest()->enableCsrfValidation = false;
$result = Yii::$app->runAction($this->errorAction);
if ($result instanceof Response) {
$response = $result;
......
......@@ -1001,7 +1001,8 @@ class Request extends \yii\base\Request
*/
public function getCsrfTokenFromHeader()
{
return isset($_SERVER[self::CSRF_HEADER]) ? $_SERVER[self::CSRF_HEADER] : null;
$key = 'HTTP_' . str_replace('-', '_', strtoupper(self::CSRF_HEADER));
return isset($_SERVER[$key]) ? $_SERVER[$key] : null;
}
/**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment