CodeIgniter Forums
Turn off CSRF for a single controller error - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: Installation & Setup (https://forum.codeigniter.com/forumdisplay.php?fid=9)
+--- Thread: Turn off CSRF for a single controller error (/showthread.php?tid=64313)



Turn off CSRF for a single controller error - sammyci - 02-06-2016

I have a controller that adds on # and : i.e. localhost/site/controller#files:home

It works as expected with CSRF turned off. I want to turn it off for the whole controller. In my config I tried excluding it with

site/controller
site/controller/
site/controller[a-zA-Z0-9#:]
site/controller[a-zA-Z0-9#:/]

What am i missing?


RE: Turn off CSRF for a single controller error - skunkbad - 02-07-2016

(02-06-2016, 03:32 PM)sammyci Wrote: I have a controller that adds on # and : i.e. localhost/site/controller#files:home

It works as expected with CSRF turned off. I want to turn it off for the whole controller. In my config I tried excluding it with

site/controller
site/controller/
site/controller[a-zA-Z0-9#:]
site/controller[a-zA-Z0-9#:/]

What am i missing?

Maybe in config/config.php you can do something like this:


PHP Code:
$config['csrf_exclude_uris'] = array(
    'site/controller.*'
); 

or this:

PHP Code:
$config['csrf_protection'] = ( stripos$_SERVER['REQUEST_URI'], 'site/controller' ) !== FALSE 
 
    FALSE 
     
TRUE
More than one way to skin a cat.


RE: Turn off CSRF for a single controller error - sammyci - 02-07-2016

Thanks so much man, saved my day!