Issue
I send same form data from different contollers and subdomain. But in one case I need disable CSRF validation.
Example:
Login form:
Location 1: main page example.com
Location 2: account.example.com/login
Location 3:
gate.example.com
And I need disable validation just in case when I send data from location 1 to location 2.
I Used $form = $this->beginWidget('CActiveForm',...
How can I do that?
I supose that csrf cookie is not crossdomain!
Solution
As a name suggest it is Cross-Site-Request-Forgery, so no it is not crossdomain and must not be:)
CSRF is enabled in request component, so just get request component and reconfigure it:
Yii::app()->request->enableCsrfValidation = false;
Im not quite sure where to put it, probably in the beginning of action.
Answered By - user133408
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.