Hi Martin.
Thanks for your response! I actually know how that kind of defense
works (hidden token generated in the form that must match the token in
the session). I already have programmed that manually.
Right, I am interested in using it but with AJAX requests inside the
form that refresh som
I don't use much ajax in my current work.
I do use Security Component, though. What might show you the right
direction is how Security works on forms to prevent outside requests.
Just by including the component in your controller Cake will add a
hash to your form. If the form is posted without th
Hello...
I have added this to my app_controller:
var $components = array('Auth', 'Security');
Then in one of my controllers I have:
$this->Security->requireAuth('add', 'add_streams');
$this->Security->allowedActions = array('ajax_cantons',
'ajax_districts');
The actions ajax_cantons and ajax_