From The Blog

CakePHP 2 aggressive Security - continued

29 February 2012, in AjaxCakePHP

CakePHP 2.0 has another aggressive security which is shown clearly when trying to make an ajax request to an action via method POST, it fires security error that says "Request is blackholed due to auth".

The Solution to disable this aggressive validation for this action to set security attribute $validatePost to false.

 

property SecurityComponent::$validatePost

Set to false to completely skip the validation of POST requests, essentially turning off form validation.

so you can set it to false in the beforeFilter callback of your controller for this action like this

if(in_array($this->action,array("some_action"))){
$this->Security->validatePost = false;

}



Post a Comment