Thank you for this information. Basically, I should just not count on CSRF
protection in AJAX, which I get. I'm assuming I must be making some change
to the form in question via AJAX, I guess I'll have to turn off the
validation.
--
Our newest site for the community: CakePHP Video Tutorials
I've finally figure out that CakePHP's Security Component will validate form
fields, dumping the user out on a 404 if anything is wrong. Great, but now
the question is: what is wrong?
According to the documentation, the form should be setup via the Form
Helper. It is. But other than that, no
As long as you are overriding the naming with the help of the form helper
you should not encouter problems.
If you make changes with JavaScript on the clientside or load option lists
(for example) via AJAX then the security component will stop you. That is
mostly because of its CSRF protection