Is enabling CSRF option enough? |
I recently came across information stating that CodeIgniter 2.x includes built-in CSRF (Cross-Site Request Forgery) protection. However, when reviewing the documentation, I couldn't find any specific details related to CSRF, except for an option to enable it by setting it to TRUE in the config.php file. In my system, I don't utilize the form_helper that automatically integrates CodeIgniter's CSRF protection. Instead, I rely on the native HTML <form> elements.
My question is whether there are any additional steps I need to take to implement CodeIgniter's CSRF protection, or is simply setting the option to TRUE sufficient for my setup?
Never Ever Trust user input!
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
|
Welcome Guest, Not a member yet? Register Sign In |