Is enabling CSRF option enough? - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Development (https://forum.codeigniter.com/forumdisplay.php?fid=6) +--- Forum: CodeIgniter 2.x (https://forum.codeigniter.com/forumdisplay.php?fid=18) +--- Thread: Is enabling CSRF option enough? (/showthread.php?tid=88054) |
Is enabling CSRF option enough? - AnuragTangra - 07-12-2023 I recently came across information stating that CodeIgniter 2.x includes built-in CSRF (Cross-Site Request Forgery) protection. However, when reviewing the documentation, I couldn't find any specific details related to CSRF, except for an option to enable it by setting it to TRUE in the config.php file. In my system, I don't utilize the form_helper that automatically integrates CodeIgniter's CSRF protection. Instead, I rely on the native HTML <form> elements. My question is whether there are any additional steps I need to take to implement CodeIgniter's CSRF protection, or is simply setting the option to TRUE sufficient for my setup? RE: Is enabling CSRF option enough? - InsiteFX - 07-12-2023 Never Ever Trust user input! |