Always validate hidden form field |
Hi,
For my application i've chosen to use reCAPTCHA v3 on each form submit (on-top of CSRF), now my idea is to always check if the token has been submitted so i can validate the request and score. Similar to the CSRF check i think because that's always checked on the background. I think this should be done through a filter but not all pages have a form element so it's only required on form submits. Can someone help me on my way to what part of documentation i've got to search in?
You can use form helper (form_open) or read this manual https://codeigniter.com/user_guide/libra...light=csrf
|
Welcome Guest, Not a member yet? Register Sign In |