When setting up the Security component there are settings that can help (although I am not entirely certain what risks - if any - these introduce):
'Security' => array( 'csrfUseOnce' => false, 'unlockedActions' => array( 'your_action' ) ) Setting csrfUseOnce to false means it will reuse the existing tokens, which in turn means you can refresh the page without a black hole. The unlockedActions setting is clearly more risky as it effectively disables the component for that action - but in some cases it can be useful. Jeremy Burns Class Outfit http://www.classoutfit.com On 2 Apr 2013, at 15:41:59, b...@articad.cc wrote: > > To save people form themselves? To save the world? I really don't care. > > Bottom line: That blackholed request thing is a usability nightmare. You > merely have to reload the page > > On Monday, April 1, 2013 6:41:44 AM UTC+1, rchavik wrote: > > > On Thursday, March 28, 2013 4:57:38 PM UTC+7, b...@articad.cc wrote: > Security features like this that cause issues with basic flow, should be OFF > by default. CakePHP is it's own worst enemy for leaving it in. > > > Why do you think CakePHP turns SecurityComponent on by default? > > -- > Like Us on FaceBook https://www.facebook.com/CakePHP > Find us on Twitter http://twitter.com/CakePHP > > --- > You received this message because you are subscribed to the Google Groups > "CakePHP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cake-php+unsubscr...@googlegroups.com. > To post to this group, send email to cake-php@googlegroups.com. > Visit this group at http://groups.google.com/group/cake-php?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en. For more options, visit https://groups.google.com/groups/opt_out.