1. Explain how to protect CodeIgniter from CSRF (Cross-Site Request Forgery).

Answer» There are many ways to protect CodeIgniter from CSRF. One method is to use a hidden field in every form on the website. This hidden field holds the CSRF token, a random value that changes with each HTTP request sent. After it is inserted into the website's forms, it is also saved in the user's session. When the user submits the form, the website checks whether the submitted token is the same as the one that was saved in the session. If it is the same, the request is authorized.
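The token flow described in the answer, as an added example in plain PHP; it is not part of the original page and not CodeIgniter's own implementation. The function names and the `csrf_token` field name are assumptions, and plain arrays stand in for the session and the submitted form data.

```php
<?php
// Added example: synchronizer-token CSRF check in plain PHP.
// Function names and the 'csrf_token' key are hypothetical.

const CSRF_FIELD = 'csrf_token';

/** Create a fresh random token and save it in the session store. */
function csrf_issue(array &$session): string
{
    $session[CSRF_FIELD] = bin2hex(random_bytes(32));
    return $session[CSRF_FIELD];
}

/** Render the hidden field that carries the token inside a form. */
function csrf_field(string $token): string
{
    return '<input type="hidden" name="' . CSRF_FIELD . '" value="'
        . htmlspecialchars($token, ENT_QUOTES, 'UTF-8') . '">';
}

/** Compare the submitted token with the saved one; each token is single use. */
function csrf_check(array &$session, array $post): bool
{
    $expected = $session[CSRF_FIELD] ?? null;
    $given    = $post[CSRF_FIELD] ?? null;
    unset($session[CSRF_FIELD]); // consumed whether or not it matched

    // hash_equals() compares in constant time and requires two strings.
    return is_string($expected) && is_string($given)
        && hash_equals($expected, $given);
}

// Constructed demo: arrays stand in for $_SESSION and $_POST.
$session = [];
$token = csrf_issue($session);
echo csrf_field($token), PHP_EOL;

var_dump(csrf_check($session, [CSRF_FIELD => $token])); // form submitted with its token
var_dump(csrf_check($session, [CSRF_FIELD => $token])); // same token sent a second time

csrf_issue($session);                                   // next page load, new token
var_dump(csrf_check($session, ['comment' => 'hi']));    // request without the hidden field
```

In a real application the two array arguments would be `$_SESSION` (after `session_start()`) and `$_POST`, and a failed check should reject the request before any state changes.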