Welcome Guest, Not a member yet? Register   Sign In
cookie httponly
#4

(This post was last modified: 09-29-2015, 04:37 AM by Narf.)

Yes, but CI has a method to give you the CSRF token, so you don't have to read it from the cookie.

Edit:

In fact, the CSRF form field itself is variable; it's not a hard-coded name, so you need CI to give you that as well.
Reply


Messages In This Thread
cookie httponly - by Martin7483 - 09-29-2015, 01:31 AM
RE: cookie httponly - by Narf - 09-29-2015, 02:45 AM
RE: cookie httponly - by Martin7483 - 09-29-2015, 03:00 AM
RE: cookie httponly - by Narf - 09-29-2015, 04:36 AM
RE: cookie httponly - by Martin7483 - 09-29-2015, 04:44 AM
RE: cookie httponly - by Martin7483 - 09-29-2015, 05:33 AM
RE: cookie httponly - by Narf - 09-29-2015, 05:54 AM
RE: cookie httponly - by Martin7483 - 09-29-2015, 05:58 AM



Theme © iAndrew 2016 - Forum software by © MyBB