Skip to content

Instantly share code, notes, and snippets.

@wmandai
Created January 4, 2014 12:15
Show Gist options
  • Save wmandai/8254861 to your computer and use it in GitHub Desktop.
Save wmandai/8254861 to your computer and use it in GitHub Desktop.
Codeigniter disable CSRF in specific pages
<?php
// Add this to your config.php file
if (stripos($_SERVER["REQUEST_URI"],'/controller/method') === FALSE) {
$config['csrf_protection'] = TRUE;
}else{
$config['csrf_protection'] = FALSE;
}
//the rest of the code
@vzool
Copy link

vzool commented Oct 2, 2015

Thanks buddy, it does work

@vzool
Copy link

vzool commented Oct 4, 2015

Here is my update for this logic to working with many URIs.
https://gist.github.com/vzool/87b13a3d0c8e168a3587
Hope it help other developers.

@williammoreschi
Copy link

Thanks...

@gitchak
Copy link

gitchak commented Mar 2, 2016

thanks

@aswzen
Copy link

aswzen commented Sep 30, 2016

wow its work 💃

@perudesarrollo
Copy link

thanks

@hiuryoliveira
Copy link

Thanks! (;

@marceloagil
Copy link

Thank you 1000 times.

@tanmaybug
Copy link

You can also use,
$config['csrf_exclude_uris'] = array('controller/method');

@willydevloper
Copy link

Hello,
this is for controller function, i want to ignore API file means web service controller file all functions.
please help me for this.

@juliustip
Copy link

For anyone looking at targeting list of links which can be grouped in arrays see my answer HERE

@saparovkutman
Copy link

Thank you

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment