Welcome Guest, Not a member yet? Register   Sign In
Turn off CSRF for a single controller error
#1

I have a controller that adds on # and : i.e. localhost/site/controller#files:home

It works as expected with CSRF turned off. I want to turn it off for the whole controller. In my config I tried excluding it with

site/controller
site/controller/
site/controller[a-zA-Z0-9#:]
site/controller[a-zA-Z0-9#:/]

What am i missing?
Reply
#2

(This post was last modified: 02-07-2016, 01:32 AM by skunkbad.)

(02-06-2016, 03:32 PM)sammyci Wrote: I have a controller that adds on # and : i.e. localhost/site/controller#files:home

It works as expected with CSRF turned off. I want to turn it off for the whole controller. In my config I tried excluding it with

site/controller
site/controller/
site/controller[a-zA-Z0-9#:]
site/controller[a-zA-Z0-9#:/]

What am i missing?

Maybe in config/config.php you can do something like this:


PHP Code:
$config['csrf_exclude_uris'] = array(
    'site/controller.*'
); 

or this:

PHP Code:
$config['csrf_protection'] = ( stripos$_SERVER['REQUEST_URI'], 'site/controller' ) !== FALSE 
 
    FALSE 
     
TRUE
More than one way to skin a cat.
Reply
#3

Thanks so much man, saved my day!
Reply




Theme © iAndrew 2016 - Forum software by © MyBB