+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived General Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=21)
+--- Thread: CSRF in CI 2 (/showthread.php?tid=39013)
CSRF in CI 2 - El Forum - 02-26-2011
[eluser]wbremen[/eluser]
Hey,
I saw that the new Version of Codeigniter includes some CSRF protection in the form class but I could not find any further information about it.
Does it include a random token hidden field which is checked?
Thanks
CSRF in CI 2 - El Forum - 02-26-2011
[eluser]Rok Biderman[/eluser]
http://ellislab.com/codeigniter/user-guide/libraries/security.html
Here is everything i needed to make it work.
CSRF in CI 2 - El Forum - 02-26-2011
[eluser]wbremen[/eluser]
Thanks, but I was not asking for how it works but what exactly it does
CSRF in CI 2 - El Forum - 02-26-2011
[eluser]Rok Biderman[/eluser]
I just wanted to say. Take 2 mins and try it, you'll see that it actually creates hidden input with random value. As session riding protection is more or less everywhere.
Edited: wrote something inappropriate
CSRF in CI 2 - El Forum - 02-26-2011
[eluser]wbremen[/eluser]
Okay - thanks anyway - that's what I was looking for since I always had to implement that into the forms myself before when using 1.7