CodeIgniter Forums

Full Version: iOS 6 Safari and CSRF token
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

El Forum

[eluser]Unknown[/eluser]
Hi,

I'm using csrf token in CI, which works fine.
But in iOS 6 Safari, the csrf token cookie is not present. All other cookies created in Code Igniter are working, only the csrf token cookie is not working.

The configuration used is:

Code:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_token';
$config['csrf_cookie_name'] = 'base_code';
$config['csrf_expire'] = 7200;

Has anyone come across this problem? How can I make the csrf token cookie work in iOS 6 Safari?

Thanks!

El Forum

[eluser]CroNiX[/eluser]
Are you using it in an iFrame by chance? If so Safari blocks 3rd party cookies in iFrames.

El Forum

[eluser]Unknown[/eluser]
No, not in an iframe. I'm not using iframes on the website...

El Forum

[eluser]CroNiX[/eluser]
Don't have an ios device so not sure. I'd just try to examine the difference between the CI cookies that work and the csrf cookie using firebug or the browsers developer tools. Maybe remove the underscores from the token/cookie names...who knows.