Forcing CSRF on a form - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20) +--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23) +--- Thread: Forcing CSRF on a form (/showthread.php?tid=49235) |
Forcing CSRF on a form - El Forum - 02-12-2012 [eluser]Clooner[/eluser] My site is deployed over multiple domains and the form_open function in the form_helper only forces csrf protection when you are posting to the same site_url. Although this might be wanted behavior in some situations it might be useful to generate the csrf token. The form_open function should have a way to force the csrf token . I know we can easily do this by using an hidden array ourselves but the code for the csrf generation is already in the form helper. I suggest to add an option to this helper function like Code: if ( ! function_exists('form_open')) |