Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support CI4 - security with Forms
CI4 - security with Forms
  • Offline ajmeireles
    Junior Member
  • **
  • Posts: 16
    Threads: 7
    Joined: Oct 2019
    Reputation: 2
#3
07-11-2020, 09:31 PM

(07-11-2020, 09:35 AM)kilden Wrote: Hello,

I wonder a lot of things about security with my forms in Codeigniter 4. If someone could enlighten me... ^^

1 Is esc() function useful on Views or only in Controllers ?

2) Is esc() function (or something else) useful when sending an email ? (for preventing loading malware inside email maybe??) ?

3) Is it useful to enable 'csrf' with any form or a strong validation is enough ?

4) What kind of simple captcha would you recommend for bots ? I've tried to install ReCaptcha 3 and 2 without success because issues with Firefox and Apple Safari which doesn't allow loading such external ressource. It told me : "The source list for Content Security Policy directive 'script-src' contains an invalid source: ''strict-dynamic''. It will be ignored."

Thank you for your advices.


1. In views
2. I don't know, but I think no.
3. Both. CSRF and valitations to the all posts requisitions.
Reply


Messages In This Thread
CI4 - security with Forms - by kilden - 07-11-2020, 09:35 AM
RE: CI4 - security with Forms - by InsiteFX - 07-11-2020, 10:09 AM
RE: CI4 - security with Forms - by ajmeireles - 07-11-2020, 09:31 PM
RE: CI4 - security with Forms - by kilden - 07-12-2020, 11:36 AM
RE: CI4 - security with Forms - by jreklund - 07-13-2020, 12:39 AM



Theme © iAndrew 2016 - Forum software by © MyBB