6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Disable form security CakePHP\",\"text\":\"

Is it possible to turn of all CakePHP security features for only 1 particular form in a view? So I don't get any hidden fields (tokens) in that form.

\\n\\n

Thank you,

\\n\\n

Bart

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"user1447499\"},\"upvoteCount\":6,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

You can disable it for that action via:

\\n\\n

public function beforeFilter() {\\n    parent::beforeFilter();\\n    if ($this->request->params['action'] == 'action') { \\n        $this->Security->validatePost = false; \\n    } \\n}\\n

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"tigrang\"},\"upvoteCount\":3}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","security",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/security/1","children":"security"}]}],["$","span","cakephp",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/cakephp/1","children":"cakephp"}]}],["$","span","cakephp-2.1",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/cakephp-2.1/1","children":"cakephp-2.1"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/d56362772e253cec5933e7de4691585a?s=256&d=identicon&r=PG","alt":"user1447499","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/1447499/user1447499","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"user1447499"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",63]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Disable form security CakePHP"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

Is it possible to turn of all CakePHP security features for only 1 particular form in a view? So I don't get any hidden fields (tokens) in that form.

\n\n

Thank you,

\n\n

Bart

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",6]}],["$","p",null,{"children":["Views: ",2593]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","11531018",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/Unnc2.jpg?s=256","alt":"Serge S.","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/301663/serge-s","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Serge S."}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",4915]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

In order to remove annoying hidden inputs _Token.key and fields from your form (for instance, to clarify query string when you use GET method), you need to do following stuff on beforeRender in addition to beforeFilter from tigrang's answer:

\n\n

function beforeRender() {\n    parent::beforeRender();\n    unset($this->params[\"_Token\"]);\n}\n

\n\n

(This is actual at least for CakePHP 1.3)

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",0]}]}]]}],["$","div","11004812",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/917208244e4c66fbd7c6bcf416b25e12?s=256&d=identicon&r=PG","alt":"tigrang","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/1377507/tigrang","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"tigrang"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",6767]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You can disable it for that action via:

\n\n

public function beforeFilter() {\n    parent::beforeFilter();\n    if ($this->request->params['action'] == 'action') { \n        $this->Security->validatePost = false; \n    } \n}\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",3]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","11144839",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/11144839","className":"text-blue-600 hover:underline","children":"Opposite of requireSecure in CakePHP"}]}],["$","li","12053538",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/12053538","className":"text-blue-600 hover:underline","children":"Cakephp 2 security in forms"}]}],["$","li","3761597",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/3761597","className":"text-blue-600 hover:underline","children":"cakePHP security"}]}],["$","li","7165751",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/7165751","className":"text-blue-600 hover:underline","children":"how to disable security component for certain actions in cakephp?"}]}],["$","li","30802169",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/30802169","className":"text-blue-600 hover:underline","children":"CakePHP form tampering"}]}],["$","li","18866127",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/18866127","className":"text-blue-600 hover:underline","children":"security component issue in cakephp"}]}],["$","li","17936233",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17936233","className":"text-blue-600 hover:underline","children":"CakePHP Security - Prevent Form Injection"}]}],["$","li","17259084",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/17259084","className":"text-blue-600 hover:underline","children":"CakePHP Security Issue"}]}],["$","li","2432082",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2432082","className":"text-blue-600 hover:underline","children":"How do I use security component in CakePHP?"}]}],["$","li","9171227",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/9171227","className":"text-blue-600 hover:underline","children":"CakePHP: Disable Security Component site wide"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Disable form security CakePHP

Answers (2)

Related Questions