CSRF in CI 2 - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21) +--- Thread: CSRF in CI 2 (/showthread.php?tid=39013) |
CSRF in CI 2 - El Forum - 02-26-2011 [eluser]wbremen[/eluser] Hey, I saw that the new Version of Codeigniter includes some CSRF protection in the form class but I could not find any further information about it. Does it include a random token hidden field which is checked? Thanks CSRF in CI 2 - El Forum - 02-26-2011 [eluser]Rok Biderman[/eluser] http://ellislab.com/codeigniter/user-guide/libraries/security.html Here is everything i needed to make it work. CSRF in CI 2 - El Forum - 02-26-2011 [eluser]wbremen[/eluser] Thanks, but I was not asking for how it works but what exactly it does CSRF in CI 2 - El Forum - 02-26-2011 [eluser]Rok Biderman[/eluser] I just wanted to say. Take 2 mins and try it, you'll see that it actually creates hidden input with random value. As session riding protection is more or less everywhere. Edited: wrote something inappropriate CSRF in CI 2 - El Forum - 02-26-2011 [eluser]wbremen[/eluser] Okay - thanks anyway - that's what I was looking for since I always had to implement that into the forms myself before when using 1.7 |