I am no expert and hate the black-hole. My sites use a s#it load of ajax request which Security cannot handle with forms so I created my own lock / key methods.
Pretty much based off the idea of Security hashing the fields then checking on submit to match for form tampering. So every time a form is submitted I generate the $lock and on form submit the $lock is checked against the $key so it prevents CSRF, form tampering and all that good stuff. Beats having to black hole and wonder why! From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Tuesday, April 02, 2013 12:12 PM To: [email protected] Cc: jmail; [email protected] Subject: Re: The request has been black-holed To save people form themselves? To save the world? I really don't care. Bottom line: That blackholed request thing is a usability nightmare. You merely have to reload the page On Monday, April 1, 2013 6:41:44 AM UTC+1, rchavik wrote: On Thursday, March 28, 2013 4:57:38 PM UTC+7, [email protected] wrote: Security features like this that cause issues with basic flow, should be OFF by default. CakePHP is it's own worst enemy for leaving it in. Why do you think CakePHP turns SecurityComponent on by default? -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cake-php?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cake-php?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
