+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Development (https://forum.codeigniter.com/forumdisplay.php?fid=6)
+--- Forum: CodeIgniter 2.x (https://forum.codeigniter.com/forumdisplay.php?fid=18)
+--- Thread: Is enabling CSRF option enough? (/showthread.php?tid=88054)
Is enabling CSRF option enough? - AnuragTangra - 07-12-2023
I recently came across information stating that CodeIgniter 2.x includes built-in CSRF (Cross-Site Request Forgery) protection. However, when reviewing the documentation, I couldn't find any specific details related to CSRF, except for an option to enable it by setting it to TRUE in the config.php file. In my system, I don't utilize the form_helper that automatically integrates CodeIgniter's CSRF protection. Instead, I rely on the native HTML <form> elements.
My question is whether there are any additional steps I need to take to implement CodeIgniter's CSRF protection, or is simply setting the option to TRUE sufficient for my setup?
RE: Is enabling CSRF option enough? - InsiteFX - 07-12-2023
Never Ever Trust user input!