First of all, You must change component config to enable the default Yii CSRF validation.
First of all, You must change component config to enable the default Yii CSRF validation.
CSRF is the acronymn for Cross-site request forgery.
It is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated.
I am writing this guide because I struggled to find a resource that included ALL of the necessary steps to completely separate the frontend from the backend. After reading guides like Configuring different sessions for backend and frontend in yii-advanced-app and [yii2 configuring d...
Getting "Expired token" errors ? Here is a solution to avoid invalid CSRF on POST or ajax requests, or user identity changes.
CSRF é o acrônimo para Cross-site request forgery.
CSRF é um ataque que forca o usuário a executar ações não desejadas numa aplicação Web na qual ele está autenticado.
Hello Yii friends