CSRF on all POST requests (Controller-based)

Submitted by danalloway - 5 years ago

A Controller-based solution to add the CSRF filter to all POST requests.

class BaseController extends Controller {

    public function __construct()
    {
        // CSRF protection for all POST requests
        $this->beforeFilter('csrf', array('on' => 'post'));
    }

}
comments powered by Disqus