php - Ajax CSRF 403 forbidden codeigniter

Question

Hello I am calling controller to get section using AJAX in my codeigniter based app which have CSRF Enable

my ajax code

    $('#classes').change(function(){  
  $classes=$(this).val();
            $.ajax({
             type:"POST",
             data:{
                 '<?php echo $this->security->get_csrf_token_name(); ?>' : '<?php echo $this->security->get_csrf_hash(); ?>',
                 'class':$classes
             },
             url:"<?php echo base_url();?>index.php/admin/getsection/"+$classes,
             success:function(return_data)
             {
                //alert(return_data);
                $('#section').html('');
                $('#section').html(return_data);
                $('#section').val(section);
             }
    });

When I Call ajax function first time, it will run perfect. but when i run the same function again, it will return 403 forbidden error.

Please advice what I do

Answer 1

From the docs:

Tokens may be either regenerated on every submission (default) or kept the same throughout the life of the CSRF cookie. The default regeneration of tokens provides stricter security, but may result in usability concerns as other tokens become invalid (back/forward navigation, multiple tabs/windows, asynchronous actions, etc). You may alter this behavior by editing the following config parameter

$config['csrf_regenerate'] = TRUE;

Set that to FALSE.