+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: Why Do I Get On Going CSRF Errors ? (/showthread.php?tid=55482)
Why Do I Get On Going CSRF Errors ? - El Forum - 10-28-2012
[eluser]vincej[/eluser]
HI - I have
Code:
$config['csrf_protection'] = TRUE;on my dev sys and everything appeared to work well during development. I developed the system with form_open throughout.
Then when I uploaded it to the ISP, CSFR= TRUE gives me an continuous error: “The action you have requested is not allowed.” So I was forced to turn it off.
Ok, so I went back to my dev sys and discovered that despite have CSFR = true and using form_open, I do not see any hidden token value in the rendered HTML source code.
I have read all kinds of posts on this topic. But so far I have not found a straight forward set of instructions on how to over come the problem
I am nervous that I am open to attack - so any advice is gratefully received.