in my config file i have the following csrf setting:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array();
problem with that is after form submission the session doesn't get deleted.If the session doesn't get destroyed after form submission ,it will create a security risk.I mean that's how it should work that i submit a form and after form submission the token gets deleted from session.
How i can solve this issue?
$config['csrf_regenerate'] = FALSE;
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.