stackoom
  简体   繁体   中英

CakePHP Secure logout

 原文  2011-05-06 13:02:51       php/ cakephp

Question

I have seen on some CakePHP websites that they have extra information on the logout eg http://website.com/logout/DxcFaWlFaDOw

Apparently this is for security reasons? Can anyone tell me more about this and how to implement it using Cake?

1 answers

solution1
 0  2011-05-06 13:08:30

These security codes are called CSRF tokens, and they are used to prevent CSRF attacks to happen. (even though using CSRF tokens in logout links is quite pointless)

You can implement it in Cake by using the Form helper and adding: 

public $components = array('Security');

in your controllers.

Source

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Secure logout with PHP sessions CakePHP 3: users not allowed to logout? cakephp logout is not working perfectly Cakephp LogOut Not work CakePHP 2.0 logout Prevent automatic logout cakephp cakephp logout redirect CakePHP cookies are not secure and not httponly Internal Error with AuthComponent Logout in CakePHP How to disable cache on logout in CakePHP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM