Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Is it safe to pass YII_CSRF_TOKEN in the GET?

  • alorenc
  • alorenc's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
2 years 10 months ago - 2 years 10 months ago #217053 by alorenc
Is it safe to pass YII_CSRF_TOKEN in the GET? was created by alorenc
Hi, why is the token passed in GET and is this approach safe?

Limesurvey: v3.25.19
Attachments:
Last edit: 2 years 10 months ago by alorenc.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
2 years 10 months ago #217104 by DenisChenu
Replied by DenisChenu on topic Is it safe to pass YII_CSRF_TOKEN in the GET?
I think we can remove it, but when we start to move to Yii : there are bunch of issue with YII_CSRF_TOKEN , then adding it in ajaxSetup : github.com/LimeSurvey/LimeSurvey/commit/...cf5632d40b25fa142a90

Seems still needed :)
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The following user(s) said Thank You: alorenc
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose

Pricing & Plans
Get started

Legal

About Us

Open Source