Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Enabled CSRF validation
  • Loading branch information
ivicaned committed Mar 1, 2012
1 parent b14c258 commit 92c73ab
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
2 changes: 1 addition & 1 deletion app/protected/config/common.php
Expand Up @@ -163,7 +163,7 @@
'timeZone' => 'America/Chicago',
),
'request' => array(
'enableCsrfValidation' => false,
'enableCsrfValidation' => true,
'enableCookieValidation' => false, //keep off until we can fix it on linux/windows servers.
),
'urlManager' => array (
Expand Down
Expand Up @@ -28,6 +28,11 @@ class BeginRequestBehavior extends CBehavior
{
public function attach($owner)
{
if(Yii::app()->apiRequest->isApiRequest())
{
Yii::app()->detachEventHandler('onBeginRequest',array(Yii::app()->request,'validateCsrfToken'));
}

$owner->attachEventHandler('onBeginRequest', array($this, 'handleImports'));
if (Yii::app()->apiRequest->isApiRequest())
{
Expand Down

0 comments on commit 92c73ab

Please sign in to comment.