Level 54
@gheeks have you tried excluding the route that the API redirects to after its ended its transaction?
Nov 1, 2020
1
Level 1
Session restart after non-csrf iframe form
Hey!
I'm trying to add a payement solution, but the system is an API. I call this API in my blade file (in script), then the script call an iframe to render the payement system.
The problem:
When the user ends the transaction, the API redirects the user to a specific route to process the User Account. But surprise, there is no more User :)
I've tried to put csrf in meta. I've tried too to put the id of user in the $_POST['custom'], the only variable that the API give us then I wanted to restore the session but nothing.
I dont have more ideas, so if you have one <3
Thanks u so much.
Please or to participate in this conversation.