Given someone mails you a link with html images that tries to fetch http://domain.tld/users/add_friend/5 - now the user is logged into a web client that fetches that URL.
How do you protect your cake application to not modify data. HTML wise this should be a PUT or POST method not a GET method, but how do I tell cakephp to ignore GET requests? How do I furthermore setup the link in my application's view ($html- >link()) to use PUT or POST instead of GET? Will this be possible without a <form>? Any tips? King regards ionas82 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
