php - CodeIgniter CSRF 在 IE 而非 chrome 或 Firefox 中工作

Question

我已尽力解决此问题，但无法使其跨浏览器工作。这是 CodeIgniter 文档页面http://goo.gl/YCKU7的链接，向下滚动到底部以查看跨站点请求伪造 (CSRF)部分。

这是我从几个论坛帖子中删除的步骤。

1. 设置配置

   $config['csrf_protection'] = TRUE;
   

2. 从 cookie 名称中删除“_”

   $config['sess_cookie_name']     = 'sfe';
   $config['sess_expiration']      = 7200;
   $config['sess_expire_on_close'] = TRUE;
   $config['sess_encrypt_cookie']  = FALSE;
   $config['sess_use_database']    = TRUE;
   $config['sess_table_name']      = 'ci_sessions';
   $config['sess_match_ip']        = FALSE;
   $config['sess_match_useragent'] = TRUE;
   $config['sess_time_to_update']  = 300;
   
   $config['csrf_protection']      = TRUE;
   $config['csrf_token_name']      = 'csrftestname';
   $config['csrf_cookie_name']     = 'csrfcookiename';
   $config['csrf_expire']          = 7200;
   

3. Cookie 相关变量

   $config['cookie_prefix']    = "";
   $config['cookie_domain']    = "";
   $config['cookie_path']      = "/";
   $config['cookie_secure']    = FALSE;
   

4. 创建表单form_open()

来自的日志code_application/logs/

DEBUG - 2013-04-04 18:33:10 --> Config Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Hooks Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Utf8 Class Initialized
DEBUG - 2013-04-04 18:33:10 --> UTF-8 Support Enabled
DEBUG - 2013-04-04 18:33:10 --> URI Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Router Class Initialized
DEBUG - 2013-04-04 18:33:10 --> No URI present. Default controller set.
DEBUG - 2013-04-04 18:33:10 --> Output Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Security Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Input Class Initialized
DEBUG - 2013-04-04 18:33:10 --> XSS Filtering completed
DEBUG - 2013-04-04 18:33:10 --> XSS Filtering completed
DEBUG - 2013-04-04 18:33:10 --> XSS Filtering completed
DEBUG - 2013-04-04 18:33:10 --> CRSF cookie Set
DEBUG - 2013-04-04 18:33:10 --> Global POST and COOKIE data sanitized
DEBUG - 2013-04-04 18:33:10 --> Language Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Loader Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Helper loaded: form_helper
DEBUG - 2013-04-04 18:33:10 --> Helper loaded: url_helper
DEBUG - 2013-04-04 18:33:10 --> Database Driver Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Form Validation Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Session Class Initialized
DEBUG - 2013-04-04 18:33:10 --> Helper loaded: string_helper
DEBUG - 2013-04-04 18:33:10 --> A session cookie was not found.
DEBUG - 2013-04-04 18:33:13 --> Session routines successfully run
DEBUG - 2013-04-04 18:33:13 --> Controller Class Initialized
DEBUG - 2013-04-04 18:33:13 --> File loaded:     /home/rpowell/codeigniter/sfe/code_application/views/view_home.php
DEBUG - 2013-04-04 18:33:13 --> Final output sent to browser
DEBUG - 2013-04-04 18:33:13 --> Total execution time: 2.4202
DEBUG - 2013-04-04 19:25:32 --> Config Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Hooks Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Utf8 Class Initialized
DEBUG - 2013-04-04 19:25:32 --> UTF-8 Support Enabled
DEBUG - 2013-04-04 19:25:32 --> URI Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Router Class Initialized
DEBUG - 2013-04-04 19:25:32 --> No URI present. Default controller set.
DEBUG - 2013-04-04 19:25:32 --> Output Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Security Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Input Class Initialized
DEBUG - 2013-04-04 19:25:32 --> XSS Filtering completed
DEBUG - 2013-04-04 19:25:32 --> XSS Filtering completed
DEBUG - 2013-04-04 19:25:32 --> XSS Filtering completed
DEBUG - 2013-04-04 19:25:32 --> XSS Filtering completed
DEBUG - 2013-04-04 19:25:32 --> XSS Filtering completed
DEBUG - 2013-04-04 19:25:32 --> CRSF cookie Set
DEBUG - 2013-04-04 19:25:32 --> Global POST and COOKIE data sanitized
DEBUG - 2013-04-04 19:25:32 --> Language Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Loader Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Helper loaded: form_helper
DEBUG - 2013-04-04 19:25:32 --> Helper loaded: url_helper
DEBUG - 2013-04-04 19:25:32 --> Database Driver Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Form Validation Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Session Class Initialized
DEBUG - 2013-04-04 19:25:32 --> Helper loaded: string_helper
DEBUG - 2013-04-04 19:25:32 --> Session routines successfully run
DEBUG - 2013-04-04 19:25:32 --> Controller Class Initialized
DEBUG - 2013-04-04 19:25:32 --> File loaded:     /home/rpowell/codeigniter/sfe/code_application/views/view_home.php
DEBUG - 2013-04-04 19:25:32 --> Final output sent to browser
DEBUG - 2013-04-04 19:25:32 --> Total execution time: 0.0520

我只是偶然发现了这篇文章： http: //goo.gl/n63tC并会看看它是否与我的服务器时间有关。