CodeIgniter

07/12/2009

CodeIgniter CSRF (XSRF) library

They say a lot of developers work on things to scratch their own itch. This is me scratching.

I'm a fan of the CodeIgniter project but I find it odd that such a well developed framework lacks CSRF protection in the core. There are a few CI CSRF libs but most of them are outdated so I wrote my own. A few ideas came from Michael Wales' toolkit but this library is written from scratch. One of the major differences is that this toolkit uses form IDs instead of a timer to handle forms in different tabs which I find more robust since it doesn't rely on time.

Download csrf-v4.tgz

Read more »

All code on this site is free for use at your own risk and provided as-is under the WTFPL license unless otherwise stated. Attribution is appreciated but not required.
Blog content, with the exception of externally quoted material, is licensed under the Creative Commons Attribution 3.0 license