Error 400 Bad Request in ajax request

I have an advanced app and in frontend there is an ajax call which does not work:

I’m getting Error #400 Bad Request: Unable to verify your data submission. I traced it and problem is caused by a lack of CSRF token. I checked and the ajax request headers does not contain X-CSRF-Token header.

There is lots of ajax calls in backend application and they’re all working fine.

How can I fix this? why doesn’t it send CSRF token in request headers? ???

Does the layout you are using have this in the head section:

<?= Html::csrfMetaTags() ?>

Yes it does!

anyone? any idea? :rolleyes:

Could you show us how this ajax call is constructed?