Closed linusgke closed 1 year ago
The application might be susceptible to Cross-Site-Request-Forgery - we should have a look at that. https://www.codeigniter.com/user_guide/libraries/security.html?highlight=csrf#config-for-csrf
```php
/**
 * List of filter aliases that are always
 * applied before and after every request.
 */
public array $globals = [
    'before' => [
        // 'honeypot',
        // 'csrf', <--- This should be enabled!
```
Done! (see https://github.com/WaldorfConnect/portal/issues/3)
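What the `csrf` filter discussed in this issue enforces, shown as an added stand-alone example (not code from the portal project or from CodeIgniter): a simplified synchronizer-token check run over constructed requests. The field name `csrf_token`, the function names and the sample requests are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Simplified synchronizer-token check (illustration only, not CodeIgniter's code).
// $session stands in for server-side session storage; all names are hypothetical.
const TOKEN_FIELD = 'csrf_token';

function issueToken(array &$session): string
{
    // 32 bytes from the CSPRNG, hex-encoded and bound to this session.
    $session[TOKEN_FIELD] = bin2hex(random_bytes(32));
    return $session[TOKEN_FIELD];
}

function isRequestAllowed(string $method, array $body, array $session): bool
{
    // Read-only methods carry no token and are not checked.
    if (in_array(strtoupper($method), ['GET', 'HEAD', 'OPTIONS'], true)) {
        return true;
    }
    $expected = $session[TOKEN_FIELD] ?? '';
    $supplied = $body[TOKEN_FIELD] ?? '';
    // Reject missing, empty or non-string values before comparing.
    if ($expected === '' || !is_string($supplied) || $supplied === '') {
        return false;
    }
    // Constant-time comparison avoids leaking the token through timing.
    return hash_equals($expected, $supplied);
}

// Constructed sample requests: [method, POST body].
$session = [];
$token   = issueToken($session);

$requests = [
    'same-site form with token'      => ['POST', ['email' => 'a@example.org', TOKEN_FIELD => $token]],
    'cross-site form, no token'      => ['POST', ['email' => 'x@example.org']],
    'cross-site form, guessed token' => ['POST', ['email' => 'x@example.org', TOKEN_FIELD => str_repeat('0', 64)]],
    'plain page view'                => ['GET', []],
];

foreach ($requests as $label => [$method, $body]) {
    $verdict = isRequestAllowed($method, $body, $session) ? 'allowed' : 'rejected';
    printf("%-32s %s\n", $label, $verdict);
}
```

Once the filter is enabled globally, every form that submits via POST has to include the token (CodeIgniter provides the `csrf_field()` helper for this), otherwise legitimate submissions are rejected as well.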