"csrf Token Could Not Be Verified" Error When Uploading Large Files

I’m getting “CSRF token could not be verified” error when I’m trying to submit a form with a file-type field and when transmitted file is large (55 MB+). Transferring files smaller works like a charm.

I’m stuck, because I’ve run into situation, where error appears only in certain situations, not always.

I’ve read quite a lot about this error in many sources. But all of them discuss situation with incorrectly passed token, incorrect token or no token at all. Which means, that (before fixing) particular form would cause this error every time, no matter, what data is being sent through it. In my case, this error appears only occasionally, only on certain data (files larger than 55 MB).

I’m sending data through standard PHP / Yii form, without any upload extension, just as simple file-type input field. PHP settings are OK, as upload_max_filesize is set to 1G. And because uploads with smaller files works just fine.

Anyone can help, shed some light or advice, what can be causing this?

I’m pretty sure this is related to chunking upload somehow.

This is indeed strage. I’ve hit that problem when, with CSRF enabled, you want to upload files but POST contains only an encoded file and all other params are in GET. I found a topic on the forum with a custom HttpRequest class that allows exceptions in which actions CSRF can be passed in GET, not POST.

Well… I haven’t ever heard about upload chunking in normal HTTP-POST-releated file upload.

In any kind of AJAX or Flash uploaders yes.

Thanks! I’m investigating the idea of limiting CSRF to POST only or to throw file upload out of CSFR checking.

This is of course only a workaround, as main question (why CSFR dies for files larger than 55 MB) isn’t answered yet.

I’ve solved my problem. In my case, it was mistaken php.ini configuration.

I was aware about upload_max_filesize variable and I set it to properly high value, but I had no damn idea about another variable, named post_max_size. Since, I wasn’t aware of it, I left it on default value (8M) and that was causing all the problems. Setting it to 1G solved this case.

Which doesn’t change the fact, that Yii is unable to handle this situation correctly and behaves strangely in such case. That is why, I reported an issue about this case.

Thanks anyone for helping me out.