Added new config parameter "csrf_exclude_uris" which allows for URIs to be whitelisted from CSRF verification. Fixes #149
diff --git a/application/config/config.php b/application/config/config.php
index 1ec6543..b64b116 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -292,11 +292,13 @@
| 'csrf_token_name' = The token name
| 'csrf_cookie_name' = The cookie name
| 'csrf_expire' = The number in seconds the token should expire.
+| 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks
*/
$config['csrf_protection'] = FALSE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
+$config['csrf_exclude_uris'] = array();
/*
|--------------------------------------------------------------------------