Adding CSRF into config Adding CSRF token into form open()

commit: 958543a38c2c97b0ec4c10fc9faf4f0753143880 [log] [tgz]
author: Derek Allard <derek.allard@ellislab.com> Thu Jul 22 14:10:26 2010 -0400
committer: Derek Allard <derek.allard@ellislab.com> Thu Jul 22 14:10:26 2010 -0400
tree: 3fe57f162c835afc278b537fd2e5932828c55e6c
parent: 924000e27e10eb32cff6b7666a9d41546fd5f2bd [diff] [blame]
diff --git a/application/config/config.php b/application/config/config.php
index bd1429a..6e52bcc 100644
--- a/application/config/config.php
+++ b/application/config/config.php

@@ -267,6 +267,17 @@
 
 /*
 |--------------------------------------------------------------------------
+| Cross Site Forgery Request
+|--------------------------------------------------------------------------
+| Enables a CSFR cookie token to be set. When set to TRUE, token will be
+| checked on a submitted form. If you are accepting user data, it is strongly
+| recommended CSRF protection be enabled.
+*/
+$config['csrf_protection'] = FALSE;
+
+
+/*
+|--------------------------------------------------------------------------
 | Output Compression
 |--------------------------------------------------------------------------
 |
commit	958543a38c2c97b0ec4c10fc9faf4f0753143880	[log] [tgz]
author	Derek Allard <derek.allard@ellislab.com>	Thu Jul 22 14:10:26 2010 -0400
committer	Derek Allard <derek.allard@ellislab.com>	Thu Jul 22 14:10:26 2010 -0400
tree	3fe57f162c835afc278b537fd2e5932828c55e6c
parent	924000e27e10eb32cff6b7666a9d41546fd5f2bd [diff] [blame]