Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help Is it possible to enable CSRF protection for RESTful method like PUT and DELETE
Is it possible to enable CSRF protection for RESTful method like PUT and DELETE
  • Offline dangyuluo
    Junior Member
  • **
  • Posts: 17
    Threads: 10
    Joined: Mar 2015
    Reputation: 0
#2
05-18-2016, 07:17 AM

The CSRF config part is as follows:
Code:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array('api');

Quiet common. The document of Security Class(here) says:
Quote:CodeIgniter provides CSRF protection out of the box, which will get automatically triggered for every non-GET HTTP request, but also needs you to create your submit forms in a certain way. This is explained in the Security Library documentation.

But actually the test result is: (pls neglect the wrong word delete)
[Image: QQ20160518-0@2x.png]
Reply


Messages In This Thread
RE: Is it possible to enable CSRF protection for RESTful method like PUT and DELETE - by dangyuluo - 05-18-2016, 07:17 AM



Theme © iAndrew 2016 - Forum software by © MyBB