Uncategorized

According to Wikipedia CAPTCHA means “Completely Automated Public Turing test to tell Computers and Humans Apart”. In other words, CAPTCHA provides a problem human can solve easily but computer can’t. The purpose of it is to prevent automated abuse such as posting comments containing links to malicious websites or voting for a particular candidate in … Read more

By default Yii uses CSRF protection that verifies that POST requests could be made only by the same application.  It enhances overall security significantly but there are cases when CSRF should be disabled i.e.  when you expect incoming POST requests from a third party service. Additionally, if third party is posting via XMLHttpRequest (browser AJAX), … Read more