CSFR validation and Ajax calls


I want to be able to use CSFR to validate my forms on POST, but it interferes with the following ajax calls, based on code from the Yii skeleton app.

    if (confirm('Are you sure you want to delete this?')) {

        $.post($(this).attr('href'), {}, function(response){




Is there anyway i can either:

  • Ignore the CSRF validation for Ajax POSTs (i don't want to use GET for this as it's a delete request)
  • Can i even include a dummy form and use that form's hidden CSRF input value to validate the submission?

Yes, you can enclose the link with a dummy form. The link will automatically use that form to submit.

Which means i would have to enclose every link with a form which isn't really what i had in mind in terms of clean HTML. Thanks anyway.

Hi all!

I think if there could be another better solution then having unneccessary markup?

I’m having this issue when sending ajax post request without any need in form.

will be gratefull for ur ideas.