Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a codeigniter based website and occasionally I have controllers that are called via AJAX and return JSON values. The problem is since I’ve already autoloaded the session library anything that’s sent as a response from codeigniter has the
Set-Cookie ci_csrf_token=65d0857a89345g5sg5695e71fa687b14c; expires=Sat, 09-Jul-2011 17:00:29 GMT; path=/
header parameter set. This seems like unneccessary bandwidth overhead, is there any way to prevent codeigniter from sending this header?
Not without modifying the Session class: it does not expose control over that header in the published interface.
In addition, that cookie is not generated by the Session class, but by the Security class. You will have to disable CSRF protection, which is unfortunately not something you can do using the published interface on a per-request behavior.