Serious issue with c_I 4.1.8 CSRF |
Hi All!
I have been curious for a while about c_I 4.1.8 on Code: CSRF PHP Code: public $methods = [ in PHP Code: <PHP echo form_open('controller/method')?> /*This does not accept CRSF to be enabled wether globally or ..*/ if I allow Code: csrf if I do Code: <form method="post" action="<?PHP echo base_url('controller/method')?>"></form> /*This allow CRSF work*/ so why In built form does not work if CRSF if is allowed in (Globally) or PHP Code: public $methods = [ Codeigniter First, Codeigniter Then You!!
yekrinaDigitals
Sorry, I don't get what you say.
But if you use to set csrf filter with $methods and only 'post', you have to add csrf token manually. Quote:To use auto-generation of CSRF field, you need to turn CSRF filter on to the form page. In most cases it is requested using the GET method. (02-16-2022, 03:02 AM)kenjis Wrote: Sorry, I don't get what you say. good solved by your way thank you Codeigniter First, Codeigniter Then You!!
yekrinaDigitals
|
Welcome Guest, Not a member yet? Register Sign In |