CI 2.0.0 CSRF Question |
[eluser]bogdan3l[/eluser]
Hello! How I should configure "csrf_token_name" and "csrf_cookie_name" for a live site? Can somebody help me? Please! Thank you!
[eluser]Eric Barnes[/eluser]
You can leave them as is if you want. I pulled these out of the security library and moved it into config just so you have the option to name it differently.
[eluser]Unknown[/eluser]
Does CSRF handle the encoding issue highlighted here in which Mike Duncan suggests to use urlencode() as a precaution? ponderwell.net/2010/08/codeigniter-xss-protection-is-good-but-not-enough-by-itself/ |
Welcome Guest, Not a member yet? Register Sign In |