summaryrefslogtreecommitdiffstats
path: root/application/config
diff options
context:
space:
mode:
authorAlex Bilbie <alex.bilbie@gmail.com>2011-08-21 17:14:54 +0200
committerAlex Bilbie <alex.bilbie@gmail.com>2011-08-21 17:14:54 +0200
commitaeb2c3e532e78be9ac78ba6fd4a305b7be31d2ab (patch)
tree91050bc3c6fb7cbcd26c96cc577e60571dedd1a1 /application/config
parenta1a8ef711ec179a183a32f6cf4502ddc48782a84 (diff)
Added new config parameter "csrf_exclude_uris" which allows for URIs to be whitelisted from CSRF verification. Fixes #149
Diffstat (limited to 'application/config')
-rw-r--r--application/config/config.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php
index 1ec65435e..b64b11669 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -292,11 +292,13 @@ $config['global_xss_filtering'] = FALSE;
| 'csrf_token_name' = The token name
| 'csrf_cookie_name' = The cookie name
| 'csrf_expire' = The number in seconds the token should expire.
+| 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks
*/
$config['csrf_protection'] = FALSE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
+$config['csrf_exclude_uris'] = array();
/*
|--------------------------------------------------------------------------