I'm new to 开发者_JS百科CakePHP and am wondering how to protect my forms from Cross Site Request Forgery, ie adding a nonce to the forms. I've set the salt in the config file.
You have to add the Security component to the $components array of your controller(s):
public $components = array('Security');
CakePHP will then automatically add a nonce to your form when you use the Form helper to create your forms.
you can also import the Sanitze lib for extra strong security
http://book.cakephp.org/view/153/Data-Sanitization
App::import('Sanitize');
$badString = ";:<script><html>< // >@@#";
echo Sanitize::paranoid($badString);
// output: scripthtml
echo Sanitize::paranoid($badString, array(' ', '@'));
// output: scripthtml @@
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论