CSRF and Browser Cookie Settings |
I am using codeigniter 3 and I use database settings for cookies and CRSF is active. My site is using SSL as well. I have been having issue where sometimes my forms and AJAX work fine and sometimes I receive "The action you have requested is not allowed." errors.
I noticed that my form/AJAX submissions work fine in some browsers and not others and I finally figured out it is because of my cookie settings. I accept cookies in Chrome and not in Firefox and my site works as designed in Chrome. Is there a way to have my browser setting remain at "do not accept cookies" and still use Codeignier with CSRF? Below are my config settings. As I mentioned my code works just fine in browsers where I accept cookies. Code: $config['sess_driver'] = 'database'; |
Welcome Guest, Not a member yet? Register Sign In |