diff options
author | Derek Allard <derek.allard@ellislab.com> | 2010-07-22 20:10:26 +0200 |
---|---|---|
committer | Derek Allard <derek.allard@ellislab.com> | 2010-07-22 20:10:26 +0200 |
commit | 958543a38c2c97b0ec4c10fc9faf4f0753143880 (patch) | |
tree | 3fe57f162c835afc278b537fd2e5932828c55e6c /application | |
parent | 924000e27e10eb32cff6b7666a9d41546fd5f2bd (diff) |
Adding CSRF into config
Adding CSRF token into form open()
Diffstat (limited to 'application')
-rw-r--r-- | application/config/config.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php index bd1429a46..6e52bcc17 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -267,6 +267,17 @@ $config['global_xss_filtering'] = FALSE; /* |-------------------------------------------------------------------------- +| Cross Site Forgery Request +|-------------------------------------------------------------------------- +| Enables a CSFR cookie token to be set. When set to TRUE, token will be +| checked on a submitted form. If you are accepting user data, it is strongly +| recommended CSRF protection be enabled. +*/ +$config['csrf_protection'] = FALSE; + + +/* +|-------------------------------------------------------------------------- | Output Compression |-------------------------------------------------------------------------- | |