Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Development CodeIgniter 3.x CRSF
CRSF
  • Offline scalar1
    Newbie
  • *
  • Posts: 5
    Threads: 4
    Joined: Apr 2015
    Reputation: 0
#1
07-25-2015, 08:59 AM

When $config['csrf_protection'] = TRUE,
if I search the site via a search form, click on a search result and then clicks on the browser back button,
the browser says: "Webpage has expired"

$config['csrf_regenerate'] = FALSE !

if I set $config['csrf_protection'] to TRUE it solves the problem, but obviously this is not a good idea...
Reply
  • Offline Avenirer
    Senior Member
  • ****
  • Posts: 419
    Threads: 15
    Joined: Oct 2014
    Reputation: 21
#2
07-27-2015, 01:54 AM

how did you create the form? with form_open()?
Website: http://avenir.ro
Reply
  • Offline Iman
    Newbie
  • *
  • Posts: 3
    Threads: 0
    Joined: Nov 2014
    Reputation: 0
#3
07-29-2015, 09:22 AM

how solve it still show on page view source.....
Reply
  • Offline scalar1
    Newbie
  • *
  • Posts: 5
    Threads: 4
    Joined: Apr 2015
    Reputation: 0
#4
07-30-2015, 12:37 AM

(07-27-2015, 01:54 AM)Avenirer Wrote: how did you create the form? with form_open()?

Yes
Reply
  • Offline spjonez
    Member
  • ***
  • Posts: 215
    Threads: 16
    Joined: Oct 2014
    Reputation: 10
#5
07-31-2015, 08:25 AM

Set csrf_regenerate to false otherwise the token stored in your page will be invalid when they click back. http://security.stackexchange.com/questi...rm-request see first reply.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB