Breaking News: Grepper is joining You.com. Read the official announcement!
Check it out

CodeIgniter\Shield\Exceptions\SecurityException Config\Security::$csrf Protection is set to 'cookie'. Same-site attackers may bypass the CSRF protection. Please set it to 'session'.

Add Answer
Santiago Galeano answered on February 4, 2023 Popularity 1/10 Helpfulness 1/10

Contents

  • answer CodeIgniter\Shield\Exceptions\SecurityException Config\Security::$csrf Protection is set to 'cookie'. Same-site attackers may bypass the CSRF protection. Please set it to 'session'.

    • More Related Answers

  • You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token.
  • Setting the 'csrf_provider' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_generator' configuration key instead.

    • CodeIgniter\Shield\Exceptions\SecurityException Config\Security::$csrf Protection is set to 'cookie'. Same-site attackers may bypass the CSRF protection. Please set it to 'session'.

    Comment
    0
    Popularity 1/10 Helpfulness 1/10 Language php
    Source: Grepper
    Tags: bypass php set
    Link to this answer
    Share Copy Link
    Santiago Galeano
    Contributed on Feb 04 2023
    Santiago Galeano
    0 Answers  Avg Quality 2/10

    X

    Continue with Google

    By continuing, I agree that I have read and agree to Greppers's Terms of Service and Privacy Policy.
    X
    Grepper Account Login Required

    Oops, You will need to install Grepper and log-in to perform this action.