Invalid CSRF Token on 3.0.1

Well for one, people who don’t use W3 Total Cache!

Compared to the complexity of W3 Total Cache, this plugin is pretty straightforward to use.

I am also not convinced that you would want to use W3 Total Cache along with Cloudflare – you can configure Cloudflare to do your cacheing.

W3TC does it better. When CF does it better along with minification I’d totally ditch W3 but it’s not there yet. You’d think this would be an intuitive set of features for CF because it’s so badass and those features are so easily applicable but the load times don’t lie. W3TC does a better job on this stuff.

I’ve submitted a PR to our plugin which is a stable work around here:

https://github.com/cloudflare/Cloudflare-WordPress/pull/182

InfiniteWP is reading our requests after hooking into setup_theme, I created a hook on plugins_loaded which executes before setup_theme and I read php://input only for requests intended for the Cloudflare plugin.

Unfortunately php:://input can’t be rewound for PUT requests which is why the earlier fix didn’t work.

As per this note on the PHP website, PHP version 5.6 or greater allows multiple reads of PHP://input

https://sg2.php.net/manual/en/wrappers.php.php#wrappers.php.input

I have found on my sites that run InfiniteWP (and another plugin from the same authors, WP Time Capsule) as well as Cloudflare that the problem no longer occurs when the server is running PHP 5.6.