Given someone mails you a link with html images that tries to fetch
http://domain.tld/users/add_friend/5
- now the user is logged into a web client that fetches that URL.
How do you protect your cake application to not modify data. HTML wise
this should be a PUT or POST method not a GET
('*');
$this-Auth-allow('login');
} else {
$this-Auth-allow('*');
}
} else {
$this-Auth-allow('*');
}
}
}
?
King regards
Jonas
all actions.
In the view I could just compare to that query (like in 1. Solution)
Problem: Seems to be lots of work, could work well, no idea if this is
the way to go
Any idea how to do it with one query cake'ish? What are your thoughts?
King regards
Jonas Hartmann