Hi to all...
I enable CSRF in my app with ajax calling. I know how to handle CSRF protection while using ajax. But in part of my app, there is a cascading select elements (one for state and one cities that via ajax, populate relate cities to selected state). If I set csrf_regenerate to True, there is an 403 (Forbidden) error, and when set it to FALSE, everything is ok.
My question is: How could I handle this issue, while $config['csrf_regenerate'] = TRUE.
CI Security Document:
Now is there any way? Or must be set this property to FALSE?
thanks.
I enable CSRF in my app with ajax calling. I know how to handle CSRF protection while using ajax. But in part of my app, there is a cascading select elements (one for state and one cities that via ajax, populate relate cities to selected state). If I set csrf_regenerate to True, there is an 403 (Forbidden) error, and when set it to FALSE, everything is ok.
My question is: How could I handle this issue, while $config['csrf_regenerate'] = TRUE.
CI Security Document:
Quote:The default regeneration of tokens provides stricter security.
Now is there any way? Or must be set this property to FALSE?
thanks.