Welcome Guest, Not a member yet? Register   Sign In
CI 2.0.0 CSRF Question
#1

[eluser]bogdan3l[/eluser]
Hello!

How I should configure "csrf_token_name" and "csrf_cookie_name" for a live site?

Can somebody help me? Please!

Thank you!
#2

[eluser]Eric Barnes[/eluser]
You can leave them as is if you want. I pulled these out of the security library and moved it into config just so you have the option to name it differently.
#3

[eluser]bogdan3l[/eluser]
Ok Smile. Thank you!
#4

[eluser]Unknown[/eluser]
Does CSRF handle the encoding issue highlighted here in which Mike Duncan suggests to use urlencode() as a precaution?

ponderwell.net/2010/08/codeigniter-xss-protection-is-good-but-not-enough-by-itself/




Theme © iAndrew 2016 - Forum software by © MyBB