CI 2.0.0 CSRF Question - Printable Version

CI 2.0.0 CSRF Question - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=22)
+--- Thread: CI 2.0.0 CSRF Question (/showthread.php?tid=38064)

CI 2.0.0 CSRF Question - El Forum - 01-29-2011

[eluser]bogdan3l[/eluser]
Hello!

How I should configure "csrf_token_name" and "csrf_cookie_name" for a live site?

Can somebody help me? Please!

Thank you!

CI 2.0.0 CSRF Question - El Forum - 01-29-2011

[eluser]Eric Barnes[/eluser]
You can leave them as is if you want. I pulled these out of the security library and moved it into config just so you have the option to name it differently.

CI 2.0.0 CSRF Question - El Forum - 01-30-2011

[eluser]bogdan3l[/eluser]
Ok Smile

. Thank you!

CI 2.0.0 CSRF Question - El Forum - 01-31-2011

[eluser]Unknown[/eluser]
Does CSRF handle the encoding issue highlighted here in which Mike Duncan suggests to use urlencode() as a precaution?

ponderwell.net/2010/08/codeigniter-xss-protection-is-good-but-not-enough-by-itself/