Skip to content

POST Export Buttons Incompatible with Custom AJAX Configuration #198

New issue
New issue
Open
Open
POST Export Buttons Incompatible with Custom AJAX Configuration#198
@arce701

Description

@arce701
arce701
opened on Aug 15, 2025

Summary
The postExcel and postCsv buttons fail when using custom AJAX configuration with POST method, creating compatibility issues for server-side processing with custom headers/timeouts.
Environment

Laravel: 12.x
yajra/laravel-datatables: 12.4
yajra/laravel-datatables-buttons: latest

Problem Description
When configuring DataTables with custom AJAX settings (required for CSRF tokens, custom headers, or timeout settings), the POST export buttons don't work correctly.
Code Example
DataTable Configuration:

public function html(): HtmlBuilder
{
    return $this->builder()
        ->setTableId('customers-table')
        ->columns($this->getColumns())
        ->ajax([
            'type' => 'POST',
            'timeout' => 15000,
            'headers' => [
                'X-CSRF-TOKEN' => csrf_token()
            ]
        ])
        ->buttons(['postExcel', 'postCsv']);
}

Controller:

public function index(Request $request, CustomersDataTable $dataTable)
{
    if ($request->ajax()) {
        return $dataTable->ajax();
    }
    return $dataTable->render('customers.index');
}

Current Behavior

Export buttons create blob URLs that don't download
Buttons redirect to home page instead of exporting
Filtered data is not exported correctly

Expected Behavior

POST export should work seamlessly with custom AJAX configuration
Export should include filtered/searched data
Should maintain URL length optimization for WAF compatibility

Use Cases Requiring This Fix

WAF Protection: Long GET URLs are blocked by Web Application Firewalls
CSRF Security: POST requests with CSRF tokens are security requirements
Custom Headers: Authentication headers, request timeouts, etc.
Production Environments: Many production setups require POST for data operations

Proposed Solution
The buttons.server-side.js should detect custom AJAX configuration and adapt export behavior accordingly:

When custom AJAX URL is present, use base URL + /export route
When custom headers exist, include them in export requests
Maintain POST method consistency for export operations

Impact
This affects any Laravel application using:

Custom AJAX configuration for security
WAF-protected environments
Production applications requiring CSRF protection
Applications with custom authentication headers

Workaround
Currently requires manual JavaScript override of export buttons, which defeats the purpose of the plugin's convenience.
Would appreciate a built-in solution that handles these common production requirements.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions