• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
CSRF check fails

#1
I'm having trouble understanding this CSRF issue.
Whenever a user visits my websites through a link he/she clicked on for example Facebook, my CSRF check will fail.

So I posted a link on facebook so people could register on my site but the CSRF prevents this.

The link I posted: example.com/register
The controller when the user submits the form: example.com/member/register

As you can see I whitelisted the URI for now but I'd like to undo this.

Code:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'rfhm';
$config['csrf_cookie_name'] = 'rfhmc';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array('member/register');

How I open the form:
Code:
<?php echo form_open('member/register'); ?>

What am I missing?
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.